album hacked urgent plz album hacked urgent plz
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

album hacked urgent plz

Started by Seleno, October 15, 2006, 08:37:58 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Seleno

hello every one
they hacked my site,and my server,i deleted the shell file that they hacked me by,i get back my site
but i think they changed my coppermine password
i put my email in forget my password,didn't recieve my password
how can i change the password from the cpanel of my site?
from which php file?
or how can i add another admin and the delete the old
urgent help plz!!!!!
waiting

Seleno

i'm waiting your help plz
i changed the user and password from Myphp admin,from the sql file
and i see this message now::::::::::::

You are currently banned from using this site.
:::::::::::::
what can i do to get back my coppermine and admin user?
if there any way from cpanel plz?

Tranz

Can you PM me your account login? I'll look into what's going on with your database. I'll need your gallery login, your db login. If phpmyadmin is done thru cpanel, i'll need that login.

Seleno

Hi there
thanx for your reply
i told you what's the problem with my coppermine
hackers change my admin password
then i went to myphp admin to coppermine database
then i changed the user and left the password empty
so i need away to get my admin back
and i'm sorry i don't send my login info online
coz i just got back my site
if any help
i'm waiting from anybody
thanx

Tranz

I offered help because you said it was urgent and I didn't know you knew your way around phpmyadmin. Seeing as you do, instead of making the password empty, change the password type to MD5 and enter the desired password.

Joachim Müller

If a fresh install got hacked, the attacker probably left a backdoor somewhere.

Seleno

Thanx for help TranzNDance :)
Thanx GauGau :)

no its not afresh install,i deleted the installation file
and i don't have public upload or user upload,only me can upload
but how can he left a backdoor shell in my site?
by coppermine?
any bugs?

donnoman

It may not even be your site that's vulnerable. Depending on the host's competence and diligence it is possible to attack one site with vulnerable software and then move around on the server and attack other sites that don't have a specific vulnerability.

Seleno

thanx donnoman
i have dedicated server
i use coppermine 1.4.8,vbulletine 3.0.7 and wordpress blog
i was reading about coppermine 1.4.3,any body can upload Exploit script on it

Joachim Müller

Quote from: Seleno on October 17, 2006, 10:35:34 AM
i use coppermine 1.4.8
Most recent coppermine version is cpg1.4.9 -> upgrade

Quote from: Seleno on October 17, 2006, 10:35:34 AM
i have dedicated server
Then you at least know the admin who is in charge of the server who you could turn to for help.

Quote from: Seleno on October 17, 2006, 10:35:34 AM
i was reading about coppermine 1.4.3,any body can upload Exploit script on it
Older Coppermine versions contained security-related bugs, that's true. However, you claim not to have cpg1.4.3 but cpg1.4.8, so there's no reason to worry about cpg1.4.3 bugs.

donnoman

your vbulletin is out of date, and probably a more likely a candidate since 3.0.7 does have a few security notices regarding xss and sql injection vulns.  You should check everything you run on your dedicated server and upgrade them to the latest stable versions.

If this is a dedicated server where are your weblogs?

Do you know when the server went wonky on you?