album hacked urgent plz

[Seleno]

hello every one
they hacked my site,and my server,i deleted the shell file that they hacked me by,i get back my site
but i think they changed my coppermine password
i put my email in forget my password,didn't recieve my password
how can i change the password from the cpanel of my site?
from which php file?
or how can i add another admin and the delete the old
urgent help plz!!!!!
waiting

[Seleno]

i'm waiting your help plz
i changed the user and password from Myphp admin,from the sql file
and i see this message now::::::::::::

You are currently banned from using this site.
:::::::::::::
what can i do to get back my coppermine and admin user?
if there any way from cpanel plz?

[Tranz]

Can you PM me your account login? I'll look into what's going on with your database. I'll need your gallery login, your db login. If phpmyadmin is done thru cpanel, i'll need that login.

[Seleno]

Hi there
thanx for your reply
i told you what's the problem with my coppermine
hackers change my admin password
then i went to myphp admin to coppermine database
then i changed the user and left the password empty
so i need away to get my admin back
and i'm sorry i don't send my login info online
coz i just got back my site
if any help
i'm waiting from anybody
thanx

[Tranz]

I offered help because you said it was urgent and I didn't know you knew your way around phpmyadmin. Seeing as you do, instead of making the password empty, change the password type to MD5 and enter the desired password.

[Joachim Müller]

If a fresh install got hacked, the attacker probably left a backdoor somewhere.

[Seleno]

Thanx for help TranzNDance
Thanx GauGau

no its not afresh install,i deleted the installation file
and i don't have public upload or user upload,only me can upload
but how can he left a backdoor shell in my site?
by coppermine?
any bugs?

[donnoman]

It may not even be your site that's vulnerable. Depending on the host's competence and diligence it is possible to attack one site with vulnerable software and then move around on the server and attack other sites that don't have a specific vulnerability.

[Seleno]

thanx donnoman
i have dedicated server
i use coppermine 1.4.8,vbulletine 3.0.7 and wordpress blog
i was reading about coppermine 1.4.3,any body can upload Exploit script on it

[Joachim Müller]

i use coppermine 1.4.8

Most recent coppermine version is cpg1.4.9 -> upgrade

i have dedicated server

Then you at least know the admin who is in charge of the server who you could turn to for help.

i was reading about coppermine 1.4.3,any body can upload Exploit script on it

Older Coppermine versions contained security-related bugs, that's true. However, you claim not to have cpg1.4.3 but cpg1.4.8, so there's no reason to worry about cpg1.4.3 bugs.

[donnoman]

your vbulletin is out of date, and probably a more likely a candidate since 3.0.7 does have a few security notices regarding xss and sql injection vulns.  You should check everything you run on your dedicated server and upgrade them to the latest stable versions.

If this is a dedicated server where are your weblogs?

Do you know when the server went wonky on you?