My Gallery was hacked My Gallery was hacked
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

My Gallery was hacked

Started by DotHunter, December 12, 2007, 10:22:59 AM

Previous topic - Next topic

0 Members and 3 Guests are viewing this topic.

DotHunter

Hello.
I have upgraded my galery and after that I uploaded files from cpg1414.zip (downloaded from this site).
Today I have seen that last night my site was hacked and I had +400 new comments like: learn chinese .... play warcraft....
I have to mention that Registered users can't post comments, just Advanced and Artists (I choose them). And now all this Advanced an Artists members does not exist any more in users list, just theirs pictures and comments, and Registered users have the right to post comments (that hacker did this).
How can I prevent this?
What is the file name and location of DB.

Please help me.
Thanks

www.galeria.amintiri.com


DotHunter


Joachim Müller

Quote from: DotHunter on December 12, 2007, 10:22:59 AM
How can I prevent this?
Scan for backdoors
Quote from: DotHunter on December 12, 2007, 10:22:59 AMWhat is the file name and location of DB.
The database is not a file, but a database

Infernal

i really doubt this was done through coppermine

DotHunter

Quote from: GauGau on December 12, 2007, 06:39:28 PM
Scan for backdoorsThe database is not a file, but a database

If you can be more specific it will may help me.
Scan for backdoors: on server or my pc? I scan my pc every day (adaware + spybot s&d)
The database is not a file, but a database.... Just tell me where to look, what folder?
Have a nice day

Joachim Müller

Quote from: DotHunter on December 13, 2007, 07:27:08 AM
Just tell me where to look, what folder?
As the database is not a file, it does not reside in a folder, so I can't tell you the location. Your question simply doesn't apply. It's like asking "in what street does a wild animal live?" That answer to that question would be "wild animals don't live in towns with streets, so they don't have an address".
If you need to directly modify your database (which is not recommended for newbies), use a third party tool like phpMyAdmin.

Quote from: DotHunter on December 13, 2007, 07:27:08 AM
Scan for backdoors: on server or my pc? I scan my pc every day (adaware + spybot s&d)
The backdoor must reside on your server obviously, not on your PC. As you don't have the needed access permissions on your server to perform the scan there, you'll need to download all files on your server to your PC and then look for the backdoor in that copy on your PC. You can't use a virus scanner or an app like Spybot S&D for that purpose, since those apps don't scan for server backdoors. You'll have to do so manually, with your file manager and your brain. It is hard for newbies to do this, and I can't teach you the details, as this is way beyond the scope of what you can expect from free support. There have been similar discussions in other threads, please search the board.