My Photo Gallery has been hacked My Photo Gallery has been hacked
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

My Photo Gallery has been hacked

Started by banthes, July 15, 2007, 05:58:33 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

banthes

I recieved this message from my server provider (doteasy):

QuoteIt has come to our attention that one of your PHP script (http://www.countryluau.com/Photos/albums/userpics/10014/shellx.php) was hacked and hacker had already sent alot of phishing mails from your website. All affected folders and files are disabled. Please consider to upgrade or change your script as soon as possible.

I am using version 1.4.1.0 (wasnt aware of the new release) and I no longer have acces to the gallery (permission denied). I cant even delete it. Any ideas?

Sami

- Either try to chmod/chown those folders or Contact your host and ask them to unlock (set proper permission) those folders for you to upgrade
- Also you should delete all php files except index.php (i.e shellx.php) under albums folder and all folders within albums
‍I don't answer to PM with support question
Please post your issue to related board

scrambled egg

QuoteAlso you should delete all php files except index.php (i.e shellx.php) under albums folder and all folders within albums

Is this true for all versions of CPG, including v1.4.12 - I mean deleting all .php files except index.php ??

Sami

You shouldn't have any php file under albums folder expect index.php , yes it's apply to 1.4.12 version too
Keep in mind this apply to those php files within albums folder and albums's child folders
Do not delete any other php file
‍I don't answer to PM with support question
Please post your issue to related board

banthes

CHMOD didnt work. I restored a backup of my web site from two weeks ago and still couldnt access the file. I tried to contact doteasy, but I havent heard back from them. Weekend I guess. I can access the file through my SQL admin program and wonder if there is anything in there I can do. I couldnt find the offending file (shellx.php) but that's probably because I restored the site. Is there any way to copy the photo folder to another renamed file and reinstall? I would just reinstall in a different folder, but I've got over 400 photos in there.

Sami

#5
Do not install new gallery , do not touch your mysql db just restore your backup to a new folder and see if it's working and then if it works upgrade it to the most recent version (currently cpg1.4.12)
‍I don't answer to PM with support question
Please post your issue to related board