[Joomla wrapper] SEVERLY HACKED EVEN WITH 1.4.4!!!!!!! SEVERLY PISSED! [Joomla wrapper] SEVERLY HACKED EVEN WITH 1.4.4!!!!!!! SEVERLY PISSED!
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

[Joomla wrapper] SEVERLY HACKED EVEN WITH 1.4.4!!!!!!! SEVERLY PISSED!

Started by Grendel, March 22, 2006, 04:53:52 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Grendel

March 22, 2006, 04:53:52 AM Last Edit: March 31, 2006, 03:36:04 AM by Grendel
Ok guys... I believe I am getting remote hacked.  I checked my user logs regularly and found direct linking into the gallery on my site that basically gives a hacker major access...

PLEASE ADVISE!... I know you do not like having info posted on the board but I do not know how else to contact the appropriate people.  Here is a sample link... I have removed user info from my site and left it open so you may investigate... everything is backed up...


I use Joomla 1.0.8  Coppermine 1.4.4 and CoppermineVis 1.3.0

This sucks and would appreciate any type of immediate action.

Grendel

#1
March 22, 2006, 04:56:31 AM Last Edit: March 31, 2006, 03:36:21 AM by Grendel
Ok guys... I believe I am getting remote hacked.  I checked my user logs regularly and found direct linking into the gallery on my site that basically gives a hacker major access...

PLEASE ADVISE!... I know you do not like having info posted on the board but I do not know how else to contact the appropriate people.  Here is a sample link... I have removed user info from my site and left it open so you may investigate... everything is backed up...


I use Joomla 1.0.8  Coppermine 1.4.4 and CoppermineVis 1.3.0

kegobeer

#2
March 22, 2006, 05:02:54 AM
Looks like a problem with the Joomla wrapper and not Coppermine.  If you disable the Joomla wrapper, does this attack work?  I'm guessing it won't.
Do not send me a private message unless I ask for one.  Make your post public so everyone can benefit.

There are no stupid questions
But there are a LOT of inquisitive idiots

kegobeer

#3
March 22, 2006, 05:05:42 AM
You've also removed the Coppermine tag line.  Please replace it immediately.
Do not send me a private message unless I ask for one.  Make your post public so everyone can benefit.

There are no stupid questions
But there are a LOT of inquisitive idiots

Grendel

#4
March 22, 2006, 05:14:26 AM
Actually it was part of a purchased module from http://www.joombla.com/  it has a configuration option to remove it and states it is legal to do so... Talk with that guy. Coppermine is not sold there... but the integration with Joomla is.

kegobeer

#5
March 22, 2006, 05:17:18 AM
You need to address this potential hack to the author of the Joomla wrapper.  It looks like he/she did not do any sanitizing of request variables.
Do not send me a private message unless I ask for one.  Make your post public so everyone can benefit.

There are no stupid questions
But there are a LOT of inquisitive idiots

Grendel

#6
March 22, 2006, 05:19:48 AM
Wish I knew more about programming... what a pain in the butt!.... Thank you for such a quick response... You rule!

Joachim Müller

#7
March 22, 2006, 07:20:18 AM
we're aware that he tells people it's legal to remove the "Powered by Coppermine" footer. It is not. He doesn't have the power to allow you to do that. We have already contacted the guy. We do not recommend CoppermineVis.

Tranz

#8
March 23, 2006, 05:23:36 AM
So should the thread be invalid?

Joachim Müller

#9
March 23, 2006, 09:37:45 AM
@Thu: yes, marking accordingly.

@Grendel: don't shout at us (your thread subject actually blames us of having released vulnerable code) - your thread is trying to make it look as if your site got hacked because of coppermine flaws. Although there have been flaws in coppermine in the past (and there probably will be in the future, as we're only human - we will probably make coding mistakes), the issues you're having and the reason for your site getting hacked are not related to coppermine, but using another third party app that the Coppermine team clearly disapproves. Shouting "thief" or "bug" actually means smacking us in the face. I suggest you keep your cool in the future...

Grendel

#10
March 23, 2006, 08:20:10 PM
Quote from: GauGau on March 23, 2006, 09:37:45 AM
@Thu: yes, marking accordingly.

@Grendel: don't shout at us (your thread subject actually blames us of having released vulnerable code) - your thread is trying to make it look as if your site got hacked because of coppermine flaws. Although there have been flaws in coppermine in the past (and there probably will be in the future, as we're only human - we will probably make coding mistakes), the issues you're having and the reason for your site getting hacked are not related to coppermine, but using another third party app that the Coppermine team clearly disapproves. Shouting "thief" or "bug" actually means smacking us in the face. I suggest you keep your cool in the future...

Sorry if it seemed so... thing is... the site was hacked and there was an immediate need to find out why.  Shouting is a way of getting attention to the matter in as fast of time as possible... The problem was unknown... it could have been your code (even though in this case it was not) and people should have a right to know that something is up... once identified as to who the culprit was.... then you will see that I give credit when it was due...

I appreciate your guys passion... maybe it is a cultural difference... but do not be too sensitive. Remember you are reading written word... Meaning can be interpreted many different ways.
Print
Go Up Pages1
User actions