Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: 1 [2]   Go Down

Author Topic: hacked  (Read 9355 times)

0 Members and 1 Guest are viewing this topic.

ksxj

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Gender: Male
  • Posts: 52
Re: hacked
« Reply #20 on: April 09, 2009, 09:33:57 pm »

Nibbler - would you be willing to ftp into my account and confirm that I sanatized so I can stop getting that question? 
Thanks
Logged

Nibbler

  • Guest
Re: hacked
« Reply #21 on: April 09, 2009, 09:40:39 pm »

OK. PM me.
Logged

ksxj

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Gender: Male
  • Posts: 52
Re: hacked
« Reply #22 on: April 09, 2009, 10:05:39 pm »

Logged

ksxj

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Gender: Male
  • Posts: 52
Re: hacked
« Reply #23 on: April 10, 2009, 04:29:49 pm »

@ksxj: stop butting in - I have already replied to another thread where you told people to visit your thread. To make this clear: you have not understood the concept behind cleaning and sanitizing as suggested in the Yikes thread. You insist that there is something else people need to do, which is not the case.

@thread starter: ignore ksxj. Do as suggested in the Yikes thread.

wow, just trying to help and see if there are others with the same issue. 

I agree that yikes thread is very helpfull and great start.  I am just using this forum what it is for.  Joining people with the same interestes and to help each other if our paths cross. How are we supposed to know if we are not allowed to discuss such things? 

And you say I did not sanatize my site.  Woudln't deleting all files and reinstalling from scratch count as sanatizing?
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47844
  • aka "GauGau"
    • gaugau.de
Re: hacked
« Reply #24 on: April 11, 2009, 09:41:25 am »

If you really delete all files (even the ones outside the path of coppermine) and if you don't forget to clean the database as well, then yes: this would count as extreme sanitization, or rather an extermination. But that's not what you said you did in "your" thread. The things you did or did not perform should however not be discussed in this thread, but inside your thread. In other words: please stay out of this thread with your issues.
Logged

ksxj

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Gender: Male
  • Posts: 52
Re: hacked
« Reply #25 on: April 11, 2009, 06:21:29 pm »

I am really needing help and you want me to stay out of my own thread.  I undestand you want me out of other people thread but by my own?


Well it hasn't even been a day since I completly deleted all my files except the .jpg's and reloaded my gallery and forum from scratch.  I didn't even have time to reinstall my my gallery theme or any of the mods I have done in the past.  Can someone please help me?!?!?!?!?!?!?!?!?
Logged

Phill Luckhurst

  • Administrator
  • Coppermine addict
  • *****
  • Country: gb
  • Offline Offline
  • Gender: Male
  • Posts: 4799
    • Windsurf.me
Re: hacked
« Reply #26 on: April 11, 2009, 08:16:43 pm »

I think you missunderstood. I believe Joachim wants you to keep out of the other threads and keep your questions to your own.

Did you delete all of your other files such a phpbb etc?
Logged
It is a mistake to think you can solve any major problems just with potatoes.

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47844
  • aka "GauGau"
    • gaugau.de
Re: hacked
« Reply #27 on: April 11, 2009, 08:56:41 pm »

deleted all my files except the .jpg's
Are you sure the jpeg files are clean?

I believe Joachim wants you to keep out of the other threads and keep your questions to your own.
Exactly. Thanks for the clarification. Sorry if have haven't expressed clearly enough what I meant.
Logged

ksxj

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Gender: Male
  • Posts: 52
Re: hacked
« Reply #28 on: April 12, 2009, 02:57:32 am »

Are you sure the jpeg files are clean?

How do I check that?  They open ok when you go to them.  Is there another way to check?
Logged

ksxj

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Gender: Male
  • Posts: 52
Re: hacked
« Reply #29 on: April 12, 2009, 02:58:27 am »

Did you delete all of your other files such a phpbb etc?


I deleted everything.  Even my myphpadmin console files and reinstalled everything. 
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47844
  • aka "GauGau"
    • gaugau.de
Re: hacked
« Reply #30 on: April 13, 2009, 09:09:23 am »

A possible reason for re-infection are entire servers on shared webhsoting, where the individual accounts are not shielded properly one against the other. I suggest you talk to your webhost as well. Maybe they can shed some light as well on the attack pattern by reviewing their access logs.
As far as I can see, you haven't posted a link to your gallery so far. Would be a good idea to do so now.
Logged

ksxj

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Gender: Male
  • Posts: 52
Re: hacked
« Reply #31 on: May 08, 2009, 04:09:18 pm »

Ok, so I was hacked again this week.  I have been running to sites.  One was just phpbb3 without coppermine for 3 weeks without coppermine.  The other just coppermine. One week after I added coppermine it happened and now it has gotten my just coppermine site.  So I know it is coppermine. 

But now I think it has a name cause my work is comes up blocking "gumblar.cn" when I go to my websites.
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47844
  • aka "GauGau"
    • gaugau.de
Re: hacked
« Reply #32 on: May 08, 2009, 04:57:05 pm »

Re-infections can happen as well if the webspace hasn't been sanitized properly or if outdated software was used. Since you haven't elaborated, there's no saying if it's really the case that coppermine is to blame. Anyway, with so little detail, it's just crying "thief". Not a bright idea. If you want help, post details. If you just came here to blame others, then please stop it.
Logged

ksxj

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Gender: Male
  • Posts: 52
Re: hacked
« Reply #33 on: May 08, 2009, 05:32:34 pm »

wow, I am posting my findings as I go, so maybe someone else can read this or stumble accross it if they are having the same issue.  Isn't this what the forum is for???  I am not mad or upset with anyone on this site or blaming anyone on this site. 

It looks like it is not just coppermine but other php based forums/scripts as well.  Looks like they can affect your personal computer and then use your ftp program to find out usernames and passwords for your sites.  But again this is my findings so far, so if you know anything else please share with me and others so we can maybe get a handle on it.



Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47844
  • aka "GauGau"
    • gaugau.de
Re: hacked
« Reply #34 on: May 09, 2009, 02:37:40 pm »

Well, you blamed coppermine:
So I know it is coppermine. 
and I replied that you can't be sure.
What else do you expect.
Logged
Pages: 1 [2]   Go Up
 

Page created in 0.021 seconds with 19 queries.