4images Forum & Community
4images Issues / Ausgaben => Discussion & Troubleshooting => Topic started by: api984 on December 08, 2006, 04:17:22 PM
-
Images marked with ! denote image file that cannot be found on the server.
All my images are marked with ! . However they are on the server. Not deleted. My 4images gallery has been <hacked> so I dont know what else is damaged. I am working on to solve this problem!
How can i repair this manually??
-
Did you work this out? Did you figure out where the vulnerability is? I had this done to me today.
Running 1.7.3 with all security patches.
Just upgraded the changed files for 1.7.4 and it had no affect.
T
-
I had this happen to me as well. I went to the control panel > settings and found that jpg was not listed as a valid file extension. I added it and everything was fine again. Good luck
-
I'm *positive* you're talking about a completely different issue GMAN.
This was a concern about *hacking*.
Cheers,
T
-
Same boat - This happened to me today as well - All images are on the server...
I did notice that the valid types on my install were all removed and the only valid file type was now "php"
-
I just deleted the search.php file on two of my sites because ti seemd to pose a security threat;
I am not knowledgable enough so if some one can confirm I'd a appreciate it; ANyone one of you who have had this issue please check your files.
Earlier today none of the images on my site displayed (as described above). I discovered that the only file type allowed for the uplaod was php; I reset the file types to jpg, gif, etc. and then went to check my site; I was clicking around and when I clicked "New Images" I got a very disturbing page instead of the regular table with my new images;
This page had a header titled: r57shell 1.23 and basically proceeded to display every setting on my server, including directory structure, paths and the ability to exectue a shell command via form;
This was not right so I canned it...
I eagerly await what anyone else finds and hope that nothing on anyone's sites has been compromised...
-
What version of 4Images are you running?
-
I was running 1.71 but now I have 1.74...
-
What version got hacked?
-
1.71 and I immediately upgraded to 1.7.4 - The file that was hacked was search.html in the templates folder
-
I've been digign through my server; found more stuff...
Also, did some web searches and found this
http://w4ck1ng.com/board/showthread.php?p=13352
-
http://w4ck1ng.com/board/showthread.php?p=13352
Isn't that nice, now you know what they are trying to do and it even tells you when you do certain things they can not do it then.