*.php.rar = big problem *.php.rar = big problem
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

*.php.rar = big problem

Started by mopieo, August 01, 2006, 08:09:06 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

mopieo

Quote from: GauGau on May 19, 2006, 09:42:36 PM
This might not be obvious to everybody: the maintenance release and hotfix will not cure infected webspace (i.e. pages that have fallen victim to the xxx.php.rar exploit). It will only keep sites that haven't been hit by the attack so far from being vulnerable.
Copying this quote from a different board here.  Is there a way to fix sites that HAVE been hit by the attack?  Or am I doomed?  This file was uploaded to my gallery while I was away on vacation - I thought I had permissions changed so that no one could upload except me... obviously I was wrong.  Now I am unable to upload any new images, although otherwise the gallery seems to be functioning normally.

I am a major newbie when it comes to any type of coding, so explanations should be kept to plain English as much as possible.  I am pretty good at following directions, though.   ;)

Joachim Müller

Plain English suggestions:
1) Upgrade your gallery to the most recent stable version of coppermine (currently cpg1.4.8). The file wouldn't have been uploaded if you were running the most recent version. When quoting a thread that says you have to upgrade, you should do so.
2) Scan your server webspace for any suspicious files. There mustn't be any files matching the pattern xxx.php or xxx.php.rar inside the albums folder (there might be some index files that you can savely delete). Scan all other coppermine folders: there mustn't be any files that don't come with the coppermine package, except include/config.inc.php, include/install.lock and possibly some log files inside the log folder.
3) Ask your webhost for support.