Site Hacked!

Started by mobile, March 30, 2006, 07:36:28 PM

mobile

I am running the latest version (1.4.4) and my site was hacked today. Here's some info and I hope you take it as a lesson and please help me out also!

1) Yesterday a user uploaded a rar file, but I deleted that. Could this have something to do with the hacking?

2) I found a php page in my userpics folder that was named Haxplorer. I will not post the file here, but if you are interested I can send it to you.

Quote
Haxplorer is a server side file browser which (ab)uses the directory object to list the files and directories stored on a webserver. This handy tool allows you to manage files and directories on an unsecure server with php support.

This entire script is coded for unsecure servers; if your server is secured the script will hide commands or will even return errors to your browser...

3) What should I do to protect myself? How is my server unsecure? When I run the coppermine version check it says:
Quote
The folder "sql" is writable. This is an unnecessary risk, coppermine only needs read/execute access.
The folder is 755. What should I change it to?

4) Anything else I should know? What usernames and passwords should be changed after this?


Joachim Müller


mobile

Yes thanks I read those.

What about the proper CHMOD settings for albums. Is it 777, 755 or something else?

Thanks!

Nibbler

That depends on your server setup, it needs to be writable for whatever user your webserver runs php scripts as.
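
As an added example (not code from any poster in this thread), a small POSIX shell audit that follows from the two points raised so far: a PHP file should never sit under an upload directory such as albums/userpics, and the albums tree must be writable by the web server user but not world-writable. The directory layout and file names used in the comments are constructed, not taken from a real install.

```shell
#!/bin/sh
# Added example, not from the thread. Audits a Coppermine-style "albums" tree.
# Check 1: script files under the upload directory (uploads should be images only).
# Check 2: world-writable directories (mode 777 lets every local user write there;
#          the directory only needs to be writable by the web server's own user).
# Assumptions: POSIX sh with find(1); the path passed in is a constructed example
# such as /var/www/cpg/albums.

# Print files under $1 that PHP would execute if requested, one per line.
find_scripts() {
    find "$1" -type f \( -iname '*.php' -o -iname '*.phtml' \
        -o -iname '*.php[3-7]' -o -iname '*.phar' \) 2>/dev/null | sort
}

# Print directories under $1 whose "other" write bit is set (e.g. 777), one per line.
find_world_writable_dirs() {
    find "$1" -type d -perm -o+w 2>/dev/null | sort
}

# Print one labelled line per finding and the corrective command to review,
# then print the total number of findings on the last line (0 means clean).
# Nothing here modifies the file system.
audit_upload_dir() {
    dir=$1
    count=0
    # while/read instead of a for loop so paths containing spaces stay intact
    while IFS= read -r f; do
        [ -n "$f" ] || continue
        echo "SCRIPT          $f   (review, then remove: rm -- \"$f\")"
        count=$((count + 1))
    done <<EOF
$(find_scripts "$dir")
EOF
    while IFS= read -r d; do
        [ -n "$d" ] || continue
        echo "WORLD-WRITABLE  $d   (tighten with: chmod o-w -- \"$d\")"
        count=$((count + 1))
    done <<EOF
$(find_world_writable_dirs "$dir")
EOF
    echo "$count"
}

# Number of findings only, for scripting: count_findings /path/to/albums
count_findings() {
    audit_upload_dir "$1" | tail -n 1
}
```

Run it as `audit_upload_dir /path/to/albums` on the server; a non-zero last line means something to look at, and the suggested commands are printed for review rather than executed.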

Aeronautic

Quote from: GauGau on March 30, 2006, 11:38:07 PM
http://forum.coppermine-gallery.net/index.php?action=search2;search=rar

When I run that search by clicking that link I get this:
Quote
Set Search Parameters
Your query was not specific enough. Try using larger words, or less common phrases.

Is there a credible, detailed thread? Thanks!

Joachim Müller


Aeronautic