Advanced search  

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Pages: [1]   Go Down

Author Topic: One of my CPG installs was hacked  (Read 2446 times)

0 Members and 1 Guest are viewing this topic.

phill104

  • Administrator
  • Coppermine addict
  • *****
  • Country: gb
  • Offline Offline
  • Gender: Male
  • Posts: 4885
    • Windsurf.me
One of my CPG installs was hacked
« on: October 28, 2008, 07:33:45 pm »
Yesterday one of my  CPG 1.4.19 installs was hacked. I believe it was done not through coppermine but through something it was bridged with but I would like your opinion

The attached file was uploaded to the galleries a number of times. If you've seen it before or know what it does then could you tell me?

« Last Edit: October 28, 2008, 09:10:36 pm by phill104 »
Logged
It is a mistake to think you can solve any major problems just with potatoes.

aftab1003

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Gender: Male
  • Posts: 67
    • PictureRating Site for Teens
Re: One of my CPG installs was hacked
« Reply #1 on: October 28, 2008, 07:44:38 pm »
i have already post the all information regarding the hack

i am also attacked by the iframe
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: One of my CPG installs was hacked
« Reply #2 on: October 28, 2008, 11:22:15 pm »
Well, the file you posted is the payload, but it doesn't give a clue how the attack was performed.
Try to access your server logs to see if you can find out more details about the attack itself.
Logged

phill104

  • Administrator
  • Coppermine addict
  • *****
  • Country: gb
  • Offline Offline
  • Gender: Male
  • Posts: 4885
    • Windsurf.me
Re: One of my CPG installs was hacked
« Reply #3 on: October 29, 2008, 12:04:38 am »
I shall be bored silly in an hotel tomorrow evening so I will look through the logs then. I'm quite sure entry was gained through the other app but I would like to be sure. If it does look like CPG was the entry point I will post back with the results.
Logged
It is a mistake to think you can solve any major problems just with potatoes.
Pages: [1]   Go Up
« previous next »
 

Page created in 0.03 seconds with 20 queries.