| Author |
Message |
Panthera
Hangin' Around
Joined: May 16, 2004
Posts: 28
Location: Northern California, USA
|
 Posted:
Thu Aug 26, 2004 3:36 pm |
|
I got what my provider called a UDP.CGI file. I found RANDOMHTML.CGI had been uploaded into my cgi-bin
How????? 
I'm running phpnuke 7.4 and Sentinal 2.0.1 |
| |
|
 
|
|
sixonetonoffun
Spouse Contemplates Divorce
Joined: Jan 02, 2003
Posts: 2496
|
| Posted:
Thu Aug 26, 2004 3:40 pm |
|
Scour your logs search for the filename if host provided it. |
_________________
[b][size=5]openSUSE 11.4-x86 | Linux 2.6.37.1-1.2desktop i686 | KDE: 4.6.41>=4.7 | XFCE 4.8 | AMD Athlon(tm) XP 3000+ | MSI K7N2 Delta-L | 3GB Black Diamond DDR
| GeForce 6200@433Mhz 512MB | Xorg 1.9.3 | NVIDIA 270.30[/size:2b8 |
|
|
|
|
sixonetonoffun
|
| Posted:
Thu Aug 26, 2004 3:48 pm |
|
DOH! guess ya know the filename lmao!
| Quote: |
I found RANDOMHTML.CGI
|
There should be some indication there unless they got really tricky and deleted the logs and so on. |
| |
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
| Posted:
Thu Aug 26, 2004 4:35 pm |
|
See the news items and posts concerning the eggdrop from My_eGallery and Coppermine. That exploit allows the uploading to about any directory on your server. |
| |
|
|
|
|
Panthera
|
| Posted:
Fri Aug 27, 2004 7:42 pm |
|
Thanks Raven. I'm looking into trashing the version that goes with phpnuke and use the stand-alone. Its *supposed* to not be so vulnerable.
Or, do you, or anyone for that matter, know of a good photo album that doesnt get defaced/hacked every 2 mins?
I'm so new and so frustrated!
Thanks!
Panthera |
| |
|
|
|
|
sixonetonoffun
|
| Posted:
Fri Aug 27, 2004 8:13 pm |
|
I think Menalto Gallery is the best maintained Gallery. If there is a required patch it gets released as a incremented version not some post on some forum by somebody who may or may not know wtf they are talking about. On the other hand it doesn't have a ton of neat java blocks with it to lag the living heck out of your site but...
Don't get me wrong Coppermine is a great concept but it seems to be that the more they go in the direction of CPG-Nuke and their cart the less important the PHPNuke version becomes.
http://gallery.sourceforge.net/
additional faq and answers
http://www.nukedgallery.net/ |
| |
|
|
|
|
oprime2001
Worker
Joined: Jun 04, 2004
Posts: 119
Location: Chicago IL USA
|
| Posted:
Fri Aug 27, 2004 8:40 pm |
|
| Panthera wrote: | I got what my provider called a UDP.CGI file. I found RANDOMHTML.CGI had been uploaded into my cgi-bin
How?????
I'm running phpnuke 7.4 and Sentinal 2.0.1 |
Are you sure that RANDOMHTML.CGI was recently created/uploaded? One of my hosts provides that script in their list of pre-installed CGI scripts. Only registered users can see links on this board! Get registered or login! (courtesy of google). |
| |
|
|
|
|
Doodle
Hangin' Around
Joined: Jan 26, 2004
Posts: 46
Location: 127.0.0.1
|
| Posted:
Fri Aug 27, 2004 9:34 pm |
|
I switched all my site's galleries from 4nalbum and coppermine to Gallery. Once I got it installed...wow what and awesome script. I've been using the experimental Windows XP reghack with the Web Publishing wizard...wow is all I can say. Just a few minutes to upload an entire folder, resize it and post it. |
_________________
Independent Network Solutions
www.insglobal.net
www.indnet.ca
www.joombug.net |
|
 
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
