One of my CPG installs was hacked One of my CPG installs was hacked
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

One of my CPG installs was hacked

Started by phill104, October 28, 2008, 07:33:45 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

phill104

October 28, 2008, 07:33:45 PM Last Edit: October 28, 2008, 09:10:36 PM by phill104
Yesterday one of my  CPG 1.4.19 installs was hacked. I believe it was done not through coppermine but through something it was bridged with but I would like your opinion

The attached file was uploaded to the galleries a number of times. If you've seen it before or know what it does then could you tell me?

It is a mistake to think you can solve any major problems just with potatoes.

aftab1003

#1
October 28, 2008, 07:44:38 PM
i have already post the all information regarding the hack

i am also attacked by the iframe

Joachim Müller

#2
October 28, 2008, 11:22:15 PM
Well, the file you posted is the payload, but it doesn't give a clue how the attack was performed.
Try to access your server logs to see if you can find out more details about the attack itself.

phill104

#3
October 29, 2008, 12:04:38 AM
I shall be bored silly in an hotel tomorrow evening so I will look through the logs then. I'm quite sure entry was gained through the other app but I would like to be sure. If it does look like CPG was the entry point I will post back with the results.
It is a mistake to think you can solve any major problems just with potatoes.
Print
Go Up Pages1
User actions