One of my CPG installs was hacked One of my CPG installs was hacked
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

One of my CPG installs was hacked

Started by phill104, October 28, 2008, 07:33:45 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

phill104

October 28, 2008, 07:33:45 PM Last Edit: October 28, 2008, 09:10:36 PM by phill104
Yesterday one of my  CPG 1.4.19 installs was hacked. I believe it was done not through coppermine but through something it was bridged with but I would like your opinion

The attached file was uploaded to the galleries a number of times. If you've seen it before or know what it does then could you tell me?

It is a mistake to think you can solve any major problems just with potatoes.

aftab1003

#1
October 28, 2008, 07:44:38 PM
i have already post the all information regarding the hack

i am also attacked by the iframe

Joachim Müller

#2
October 28, 2008, 11:22:15 PM
Well, the file you posted is the payload, but it doesn't give a clue how the attack was performed.
Try to access your server logs to see if you can find out more details about the attack itself.

phill104

#3
October 29, 2008, 12:04:38 AM
I shall be bored silly in an hotel tomorrow evening so I will look through the logs then. I'm quite sure entry was gained through the other app but I would like to be sure. If it does look like CPG was the entry point I will post back with the results.
It is a mistake to think you can solve any major problems just with potatoes.
Print
Go Up Pages1
User actions