webadmin.php upload hack webadmin.php upload hack
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

webadmin.php upload hack

Started by nautis, June 26, 2006, 05:21:41 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

nautis

Someone has been uploading a .rar file to my photo album (public permissions all to post). Inside the rar is a file called webadmin.php which looks like a web file manager. Does this mean someone is trying to hack my photo album? if so, are there security messures in place to block this sort of activity? Thanks.

- Matthew

Justttt

i dont think they would be able to hack uploading a file in a .rar why dont you download the .rar  nd paste the code in here maybe someone can tell you what the file is  ::)
J U S T T T T

Tranz

Quote from: nautis on June 26, 2006, 05:21:41 PM
Someone has been uploading a .rar file to my photo album (public permissions all to post). Inside the rar is a file called webadmin.php which looks like a web file manager. Does this mean someone is trying to hack my photo album? if so, are there security messures in place to block this sort of activity? Thanks.

- Matthew
Yes. Please upgrade to 1.4.8. Search for any other backdoor files and remove them. Change your admin password.

Tranz

Quote from: Justttt on June 26, 2006, 05:24:35 PM
i dont think they would be able to hack uploading a file in a .rar why dont you download the .rar  nd paste the code in here maybe someone can tell you what the file is  ::)
Yes, they could. http://forum.coppermine-gallery.net/index.php?topic=31671.0

nautis

i had already upgraded to the latest version. i deleted the file, but you find out more about it here: http://wacker-welt.de/webadmin/. is there a way i can turn off uploading archives?

Nibbler

Set the allowed filetypes to whatever you like in config.