Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: Gallery Hacked  (Read 3677 times)

0 Members and 1 Guest are viewing this topic.

jmcnyc

  • Coppermine newbie
  • Offline Offline
  • Posts: 14
Gallery Hacked
« on: December 03, 2007, 02:54:58 am »
I seemed to have the rar file upload problem.  I upgraded to the latest version 1.4.14 - and searched my pictures and deleted all rar files in the gallery.

This did not work.

When I ftp into the site - and browse the albums folder - I see the folder for user pics has been changed to uerpics.  Inside this folder I only have one numbered folder - although my site has hundreds of pictures.  Inside this one folder is a file bvrbrbrebreb.php.rar  I can not delete this file - don’t have the right permissions.

I was worried that all the images were gone - but when I browse the database - I see the images. 

Any ideas how to get rid of the rar file - and repair what has gone wrong?

I can give the link to my site - it may be questionable content for some - so would prefer to give it out one-on-one
Logged

Nibbler

  • Guest
Re: Gallery Hacked
« Reply #1 on: December 03, 2007, 04:23:25 am »
If the files are not on the disk then you have lost them. Best thing to do is delete your Coppermine folder completely and restore from a backup. If you have permissions issues then contact your host.
Logged

jmcnyc

  • Coppermine newbie
  • Offline Offline
  • Posts: 14
Re: Gallery Hacked
« Reply #2 on: December 03, 2007, 10:55:24 am »
Quote from: jmcnyc on December 03, 2007, 02:54:58 am
I seemed to have the rar file upload problem.  I upgraded to the latest version 1.4.14 - and searched my pictures and deleted all rar files in the gallery.

This did not work.

When I ftp into the site - and browse the albums folder - I see the folder for user pics has been changed to uerpics.  Inside this folder I only have one numbered folder - although my site has hundreds of pictures.  Inside this one folder is a file bvrbrbrebreb.php.rar  I can not delete this file - don’t have the right permissions.

I was worried that all the images were gone - but when I browse the database - I see the images. 

Any ideas how to get rid of the rar file - and repair what has gone wrong?

I can give the link to my site - it contains adult content - so would prefer to give it out one-on-one

Logged

jmcnyc

  • Coppermine newbie
  • Offline Offline
  • Posts: 14
Re: Gallery Hacked
« Reply #3 on: December 03, 2007, 11:02:55 am »
Has this rar virus in the past done this much harm?  Deleating all the image folders?

When I delete my coppermine install - and start over again - can I export my user registration database and import it for the new install so my users dont need to re-register?

Thanks.
Logged

Nibbler

  • Guest
Re: Gallery Hacked
« Reply #4 on: December 03, 2007, 11:18:32 am »
It's not a virus. It gives the attacker control over your webspace, so they can choose to do whatever they like.

You can, but check it first for any extra admin accounts that shouldn't be there.
Logged

dke

  • Guest
Re: Gallery Hacked
« Reply #5 on: December 03, 2007, 01:30:31 pm »
and how does someone get affected by this problem? am i safe? (currently running 1.4.14 CPG)
Logged

Nibbler

  • Guest
Re: Gallery Hacked
« Reply #6 on: December 03, 2007, 01:33:38 pm »
You get affected if you don't keep Coppermine updated. 1.4.14 is the latest version so it is safe.
Logged
Pages: [1]   Go Up
« previous next »
 

Page created in 0.018 seconds with 20 queries.