ly.php.rar & smekerie.php.rar uploaded to multiple coppermine based sites. ly.php.rar & smekerie.php.rar uploaded to multiple coppermine based sites.
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

ly.php.rar & smekerie.php.rar uploaded to multiple coppermine based sites.

Started by mike5751, September 01, 2006, 09:00:27 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

mike5751

September 01, 2006, 09:00:27 PM Last Edit: September 01, 2006, 11:00:07 PM by mike5751
Hello

I run coppermine photo software on my site and a few days ago, two people from a European country uploaded a file called "ly.php.rar" and "smekerie.php.rar".  They each joined as a new member and uploaded the file within 2 minutes of each other.  Upon doing a google search of the uploaded files, it turns out this file is uploaded on numerous coppermine based photo galleries.  The file title is random keystrokes and the user name is some made up one.  Anyone have any ideas? I am hesitant to open the file as it maybe a virus or nasty code.  Any idea whats going on? Its not just my site, its hundreds of sites that have this same file uplaoded in the same fashion.  I think somethings going on here.

Thanks

Xerom

#2
November 06, 2009, 04:59:41 AM
This has been fixed by coppermine, however if you want to know how to deny execution of scripts in any folder, you can create a .htaccess file and place it into the folder then add the following to it:

RemoveHandler cgi-script .pl .py .jsp .asp .htm .shtml .sh .cgi .php
RemoveHandler php5-script .php

Instead of executing the script it just displays the script code as text in the browser

As a precaution I placed this in /albums/userpics/.htaccess and /albums/edit/.htaccess seems to have solved my problem and peace of mind.
Print
Go Up Pages1
User actions