I recieved this message from my server provider (doteasy):
QuoteIt has come to our attention that one of your PHP script (http://www.countryluau.com/Photos/albums/userpics/10014/shellx.php) was hacked and hacker had already sent alot of phishing mails from your website. All affected folders and files are disabled. Please consider to upgrade or change your script as soon as possible.
I am using version 1.4.1.0 (wasnt aware of the new release) and I no longer have acces to the gallery (permission denied). I cant even delete it. Any ideas?
- Either try to chmod/chown those folders or Contact your host and ask them to unlock (set proper permission) those folders for you to upgrade
- Also you should delete all php files except index.php (i.e shellx.php) under albums folder and all folders within albums
QuoteAlso you should delete all php files except index.php (i.e shellx.php) under albums folder and all folders within albums
Is this true for all versions of CPG, including v1.4.12 - I mean deleting all .php files except index.php ??
You shouldn't have any php file under albums folder expect index.php , yes it's apply to 1.4.12 version too
Keep in mind this apply to those php files within albums folder and albums's child folders
Do not delete any other php file
CHMOD didnt work. I restored a backup of my web site from two weeks ago and still couldnt access the file. I tried to contact doteasy, but I havent heard back from them. Weekend I guess. I can access the file through my SQL admin program and wonder if there is anything in there I can do. I couldnt find the offending file (shellx.php) but that's probably because I restored the site. Is there any way to copy the photo folder to another renamed file and reinstall? I would just reinstall in a different folder, but I've got over 400 photos in there.
Do not install new gallery , do not touch your mysql db just restore your backup to a new folder and see if it's working and then if it works upgrade it to the most recent version (currently cpg1.4.12)