Hacked

strokesfan · January 30, 2006, 12:28:43 AM

My coppermine gallery was recently hacked into and pictures were deleted and so was my account. Is there any way I can still log in to coppermine or do I have to start from the beginning?

Joachim Müller · January 30, 2006, 01:10:51 AM

use a third-party tool like phpMyAdmin to directly access your database. Browse coppermine's users table, edit your admin account accordingly. Make sure to remove all possible backdoors the attackers might have left - I even suggest getting professional help if your site isn't just a hobby.

strokesfan · January 31, 2006, 02:49:45 AM

How do you find out which one is their table? I am asking for professional help but they aren't familiar with coppermine but will try to figure it out.

kegobeer · January 31, 2006, 02:51:29 AM

How were you hacked? What version of Coppermine are you running? Are you sure you were hacked thru a Coppermine vulnerability? Maybe someone guessed your admin password?

strokesfan · January 31, 2006, 05:10:53 AM

My password is too weird for anyone to guess. Pretty sure I'm using the latest coppermine. I installed it in Nov 2005.

Joachim Müller · January 31, 2006, 06:24:36 AM

link?

kegobeer · January 31, 2006, 12:58:19 PM

Again - what version of Coppermine? "The latest" doesn't really identify the version you are using.

strokesfan · February 02, 2006, 04:45:43 AM

I decided to just reinstall it. They deleted all of the pictures so I couldn't have gotten it working even if I used the admin account they made. Thanks anyways everyone

Joachim Müller · February 02, 2006, 10:43:49 AM

If they had left a backdoor (I would if I was a script kiddie), they could still re-gain access. I don't understand why you're not doing as suggested and post a link. If you don't need actual support though, that's fine.
Anyway, marking this thread as "solved".

Tarique Sani · February 02, 2006, 11:40:44 AM

I guess it should be marked 'bogus' rather than 'solved' saying solved implies that Coppermine was actually hacked - we have no evidence of the same happening ....

Joachim Müller · February 02, 2006, 02:41:31 PM

hehe, Thu already flagged it as "invalid", that's a wise workaround (as we don't have "bogus" as an option to flag a thread yet)

@strokesfan: I'm afraid this will possibly happen to you again (getting your site hacked) if you don't accept what supporters tell you to do. You should have been more specific as well what you mean by saying that your site got "hacked": has it been defaced, or has the attacker just ruined things (deleting pics etc.)
We're not happy to have threads that yell "hacked" in the subject line without making sure that it was actually coppermine that got hacked due to a code vulnerability. Although you haven't accused coppermine to be the culprit, this thread leaves a sore taste in the throat. We would have prefered it if you would have been more cooperative both for your benefit (having possible vulnerabilities on your site locked) as well as for us (having a clean reputation or fixing possible security threads/bugs that we're not aware of).

Bottom line: please do as suggested, we're only trying to help.

coppermine-gallery.com/forum

News:

Hacked

strokesfan

Joachim Müller

strokesfan

kegobeer

strokesfan

Joachim Müller

kegobeer

strokesfan

Joachim Müller

Tarique Sani

Joachim Müller