Gallery Hacked Gallery Hacked
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Gallery Hacked

Started by jmcnyc, December 03, 2007, 02:54:58 AM

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

jmcnyc

I seemed to have the rar file upload problem.  I upgraded to the latest version 1.4.14 - and searched my pictures and deleted all rar files in the gallery.

This did not work.

When I ftp into the site - and browse the albums folder - I see the folder for user pics has been changed to uerpics.  Inside this folder I only have one numbered folder - although my site has hundreds of pictures.  Inside this one folder is a file bvrbrbrebreb.php.rar  I can not delete this file - don't have the right permissions.

I was worried that all the images were gone - but when I browse the database - I see the images. 

Any ideas how to get rid of the rar file - and repair what has gone wrong?

I can give the link to my site - it may be questionable content for some - so would prefer to give it out one-on-one

Nibbler

If the files are not on the disk then you have lost them. Best thing to do is delete your Coppermine folder completely and restore from a backup. If you have permissions issues then contact your host.

jmcnyc

Quote from: jmcnyc on December 03, 2007, 02:54:58 AM
I seemed to have the rar file upload problem.  I upgraded to the latest version 1.4.14 - and searched my pictures and deleted all rar files in the gallery.

This did not work.

When I ftp into the site - and browse the albums folder - I see the folder for user pics has been changed to uerpics.  Inside this folder I only have one numbered folder - although my site has hundreds of pictures.  Inside this one folder is a file bvrbrbrebreb.php.rar  I can not delete this file - don't have the right permissions.

I was worried that all the images were gone - but when I browse the database - I see the images. 

Any ideas how to get rid of the rar file - and repair what has gone wrong?

I can give the link to my site - it contains adult content - so would prefer to give it out one-on-one


jmcnyc

Has this rar virus in the past done this much harm?  Deleating all the image folders?

When I delete my coppermine install - and start over again - can I export my user registration database and import it for the new install so my users dont need to re-register?

Thanks.

Nibbler

It's not a virus. It gives the attacker control over your webspace, so they can choose to do whatever they like.

You can, but check it first for any extra admin accounts that shouldn't be there.

dke

and how does someone get affected by this problem? am i safe? (currently running 1.4.14 CPG)

Nibbler

You get affected if you don't keep Coppermine updated. 1.4.14 is the latest version so it is safe.