Bad Content and advertisements hidden in source
 


Started by maitrep, February 14, 2009, 11:01:38 PM


maitrep

We run our photo gallery on a hosted server with our website, not locally.

Recently I noticed that search engines were bringing up unusual content from our gallery pages - it looks like something has been inserting a page of spurious bad advertisement content with links into our gallery pages. These are not visible to the user, but only when you right click and 'view source'. A sample is attached in the text file sample.txt.

I upgraded to 1.4.20 thinking that may solve it, but it doesn't seem to help.

Our gallery is here: http://www.maitlandrepertory.com/index-09-gallery.html

Any ideas on this?





Fabricio Ferrero

Read Docs and Search the Forum before posting. - Soporte en español
--*--
Fabricio Ferrero's Website

Catching up! :)

Aeronautic

Looks like you have been hacked.

He is not complaining about the Coppermine credit/link.

This is what he is seeing:

<h6>BINTAN RESORT HOTEL PROMOTION</h6> <a href="http://www.pferdefotos-sh.de/index.php/?info=562">bintan resort hotel promotion</a><!--807471061--><h4>GLIPIZIDE METFORMIN</h4> <a href="http://www.defex.de/gallery/displayimage.php/?show-page=924">glipizide metformin</a><!--839917276--><h1>FREE NOKIA N70 MUSIC EDITION THEMES</h1> <a href="http://www.sassy-graphics.com/debbiesdreams/wp-login.php/?free=924">free nokia n70 music edition themes</a><!--229465833--><h4>GERMOLENE CREAMS IN TREATMENT OF ACNE</h4> <a href="http://test.djmixing.net/index.php/?show-page=190">germolene creams in treatment of acne</a><!--28053567--><h7>WHAT IS PLENDIL</h7> <a href="http://kampeli.com/albumi/login.php/?rx-info=41">what is plendil</a><!--109685714--><h4>AAA TRAVEL CLUB PENNSYLVANIA</h4> <a href="http://xl8r.com/galleria/displayimage.php/?item-id=300">aaa travel club pennsylvania</a><!--259318370--><h7>CHILDRENS DOSAGE FOR MELATONIN</h7> <a href="http://bayanaul.findtopjob.com/photos/displayimage.php/?take=268">childrens dosage for melatonin</a><!--518722247--><h1>WHAT IS ACIPHEX MEDICATION USED FOR</h1> <a href="http://lyndaenglishstudio.net/cpg/displayimage.php/?show-drug=274">what is aciphex medication used for</a><!--163812363--><h6>TIZANIDINE HYDROCHLORIDE ZANAFLEX CAPSULES</h6> <a href="http://handuraw.com/gallery/thumbnails.php/?pharmacy=41">tizanidine hydrochloride zanaflex capsules</a><!--436145685--><h2>VIAGRA GENERIC DRUG NAME</h2> <a href="http://www.knoxcommunitychurch.com/pictures/displayimage.php/?get-info=264">viagra generic drug name</a><!--176604706--><h5>CYSTONE TABLETS 100</h5> <a href="http://www.everlands.co.uk/forum/memberlist.php/?show-info=406">cystone tablets 100</a><!--208785580--><h7>ACNE SCARS REDUCING CREAMS</h7> <a href="http://album.nerdtroop.com/cpg1410/displayimage.php/?rx-info=301">acne scars reducing creams</a><!--658271603--><h4>ULTRACET PAIN PILL</h4>

Aeronautic

I'd not viewed the site before responding - just looked at the attached file.

1) I could see the Coppermine credit at the uri - maybe they put it back?
2) I could not see any malicious links/code.
3) Perhaps these were simply html comment spam and the OP figured out how to delete them? There were no comments at all when I looked.

I'd have edited my post but I can't.




Fabricio Ferrero

Quote: He is not complaining about the Coppermine credit/link.
I know.

Aeronautic, You can't give support to users that run "illegal copies" of CPG, please respect board rules.


To clear this out: Aeronautic posted at the same time I was posting, so both of my replies are together.

Fabricio Ferrero

Quote: 1) I could see the Coppermine credit at the uri - maybe they put it back?
Could you please attach an image?  ::)

I really don't see it where it should be.

Aeronautic

@Fabricio

I think from your edit that you knew I was not trying to disrespect the board rules.  :)

I'll let the OP provide the proof of the CPG link and step aside from this thread.


Fabricio Ferrero

@Aeronautic: I was posting when you were posting. I know that you're not trying to disrespect board rules, anyways, I reminded you that you can't offer support for an "illegal copy" of CPG. That's all. ;)


@maitrep: Sorry for cluttering the topic this way. Anyways, restore the link back. Not only in the album pages but in the Main page of the gallery too. Then, you'll have free and speedy support. :)

Nibbler

The footer has not been removed; the gallery is just stuck in an iframe that cuts off half the page.

The ad code is gone, but it will take time for the search engines to update - the links will still appear there for a while.
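
Added example, not part of the original thread or of Coppermine's code: a Python check for the pattern visible in the block quoted earlier in the thread (a heading, an off-site link whose text repeats that heading, then a digits-only HTML comment). The names `HiddenLinkFinder` and `scan` and the `.example` hosts are assumptions made for this example; the sample markup is constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

def is_heading(tag):  # h1..h6, plus invalid levels such as the <h7> in the thread's sample
    return len(tag) == 2 and tag[0] == "h" and tag[1].isdigit()

class HiddenLinkFinder(HTMLParser):
    """Flags off-site links whose text repeats the heading just before them."""
    def __init__(self, own_host):
        super().__init__()
        self.own_host = own_host.lower()
        self.findings = []         # (foreign host, link text)
        self.numeric_comments = 0  # comments such as <!--12345-->
        self._heading, self._in_heading = None, False
        self._href, self._buf = None, []
    def handle_starttag(self, tag, attrs):
        if is_heading(tag):
            self._in_heading, self._buf = True, []
        elif tag == "a":
            self._href, self._buf = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._in_heading or self._href is not None:
            self._buf.append(data)
    def handle_endtag(self, tag):
        text = " ".join("".join(self._buf).split()).lower()
        if self._in_heading and is_heading(tag):
            self._heading, self._in_heading = text, False
        elif tag == "a" and self._href is not None:
            host = (urlparse(self._href).hostname or "").lower()
            # Off-site link whose text is just the preceding heading, lowercased
            if host and host != self.own_host and text and text == self._heading:
                self.findings.append((host, text))
            self._href = None
    def handle_comment(self, data):
        if data.strip().isdigit():
            self.numeric_comments += 1

def scan(html, own_host):
    """Return (suspicious links, count of digits-only comments) for one page."""
    finder = HiddenLinkFinder(own_host)
    finder.feed(html)
    finder.close()
    return finder.findings, finder.numeric_comments

# Constructed sample with placeholder hosts: two normal links, then two injected blocks.
SAMPLE = ('<h1>Gallery</h1> <a href="http://gallery.example/">Home</a>'
          '<a href="http://credit.example/">Powered by Coppermine Photo Gallery</a>'
          '<h6>CHEAP PILLS</h6> <a href="http://a.example/i.php/?info=1">cheap pills</a><!--1234-->'
          '<h4>FREE THEMES</h4> <a href="http://b.example/x.php/?free=2">free themes</a><!--5678-->')
```

Run `scan()` on the HTML the server actually returns for each gallery page (the view-source content), passing the gallery's own host name; a clean page yields an empty list and a zero count.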

maitrep

Thanks

I'll wait and see if the search engine results improve.  Was it a bug in my previous version or has the site been hacked?

I'm sure the "Powered by Coppermine Photo Gallery" link is on all necessary pages.  I just used the link now.

See you

Joachim Müller

Instead of using an iframe to disguise the real URL of your gallery (http://www.maitlandrepertory.com/gallery/), why don't you just create a custom theme that matches your overall site's design? This will be a much better solution. Additionally, your search engine relevance will increase.