coppermine HACKED -> code insert into b2evo

1 slamp Apr 01, 2009 11:47

Hello,

I use b2evo 1.10.3 and I was hacked on 28 or 29 march 2009 because of a Coppermine installed on the same host.

On each page, I found the following code after <body>

<body><div id='twowg'><script>b='hid';c='den';d=0;a=document.getElementById('twowg');if(a){a.style.position='absolute';a.style.height=d+'px';a.style.overflow=b+c;}</script><!--255811774--><h3>CANON EF 90 300MM</h3>
[...]
</div>

You can see it here using "view source"
http://daury.net/phpbb/index.php

[Edit: source of hack found]

2 yabba Apr 01, 2009 14:02

AFAIK it's not b2evo that's been hacked it's your coppermine gallery that's been hacked.

See if this post helps http://forums.b2evolution.net/viewtopic.php?t=17247&highlight=hacked

3 slamp Apr 01, 2009 14:07

Thanks a lot !!!! I will delete / or upgrade coppermine asap.

4 yabba Apr 01, 2009 14:12

You need to checkout your index.php for b2evo as well, it *should* show you where the file is that's creating all the links ;)

5 slamp Apr 01, 2009 14:56

I think I will delete all folders then push a fresh version.

For now I dropped the entire site.

I'm asking myself if I have time to migrate to b2evo 2.4.6 ;-)

6 magenta Oct 30, 2009 11:35

Lol. That happened to me before. I thought it was b2evo's fault but then it was in the gallery itself.

Regards,
Magent

Form is loading...

coppermine HACKED -> code insert into b2evo

1 slamp Apr 01, 2009 11:47

2 yabba Apr 01, 2009 14:02

3 slamp Apr 01, 2009 14:07

4 yabba Apr 01, 2009 14:12

5 slamp Apr 01, 2009 14:56

6 magenta Oct 30, 2009 11:35

About b2evolution

Downloads

About us

Webhosting Guide

Docs & Support

Other

Stay in touch