Recent Topics

coppermine HACKED -> code insert into b2evo

Started by on Apr 01, 2009 – Contents updated: Apr 01, 2009

Apr 01, 2009 11:47    

Hello,

I use b2evo 1.10.3 and I was hacked on 28 or 29 march 2009 because of a Coppermine installed on the same host.

On each page, I found the following code after <body>

Code

<body><div id='twowg'><script>b='hid';c='den';d=0;a=document.getElementById('twowg');if(a){a.style.position='absolute';a.style.height=d+'px';a.style.overflow=b+c;}</script><!--255811774--><h3>CANON EF 90 300MM</h3>
[...]
</div>

You can see it here using "view source"
http://daury.net/phpbb/index.php

[Edit: source of hack found]

Apr 01, 2009 14:07

Thanks a lot !!!! I will delete / or upgrade coppermine asap.

Apr 01, 2009 14:12

You need to checkout your index.php for b2evo as well, it *should* show you where the file is that's creating all the links ;)

¥

Apr 01, 2009 14:56

I think I will delete all folders then push a fresh version.

For now I dropped the entire site.

I'm asking myself if I have time to migrate to b2evo 2.4.6 ;-)

Oct 30, 2009 11:35

Lol. That happened to me before. I thought it was b2evo's fault but then it was in the gallery itself.

Regards,
Magent


Form is loading...

powered by b2evolution – This forum is powered by b2evolution CMS, a complete engine for your website.