| Author |
Message |
Satch
New Member
Joined: Mar 05, 2006
Posts: 16
|
 Posted:
Tue May 02, 2006 10:18 am |
|
I really want to use this module as it's easy to install and does what I need it to do. Problem is I've read about the security issues. Evaders99 on nukecops said there were known exploits for 1.3.2 and less (I think he's refering to the standalone). I cruised around looking for exploits for v1.3.x (nuke module version) and so far nothing. The exploits for the module version of coppermine were for v 1.2.x and didn't work for v1.3.1c. Raven also mentioned that it seemed more secure: http://www.ravenphpscripts.com/posts6753-highlight-coppermine.html
If someone mentions links to exploits or was hacked with v1.3.1c specifically then I definitely won't use it but I want to be sure that this version is a real security problem. Gallery 2 is a real pain to install and ditto for 4images (I mean the module versions for both). If it is hackable, are there code tweaks that can be made to secure it? I'm ok in php and if I have a general direction to go in, I might be able to do it myself.
Thanks |
| |
|
|
|
hitwalker
Sells PC To Pay For Divorce
Joined:
Posts: 5661
|
| Posted:
Tue May 02, 2006 12:14 pm |
|
well i wouldnt bet on its security....
according to my maild logs/attacks my site gets hit a few times a week .
and those are just related to coppermine.(phpnuke mod)
Ill say it again....whoever installs it,just rename it,why does it have to coppermine ?
just give it another name,all attacks are by remote and allways target with coppermine as name. |
| |
|
|
|
|
Satch
|
| Posted:
Tue May 02, 2006 12:30 pm |
|
Thanks hitwalker.
| Quote: | | according to my maild logs/attacks my site gets hit a few times a week . and those are just related to coppermine.(phpnuke mod) |
You just mean hacking attempts though, right? Not successfully hacks. What version of the nuke mod copppermine are you using?
| Quote: | | Ill say it again....whoever installs it,just rename it,why does it have to coppermine ? |
Do you mean through the admin panel, the actual directory name or both?
Satch |
| |
|
|
|
|
hitwalker
|
| Posted:
Tue May 02, 2006 12:37 pm |
|
well the attacks are targeted towards its files and admin area ,but also theme paths.
no the suckers were never successfull cause my coppermine mod had a different name..
attempts are allways towards , coppermine , gallery , gallery2 , myalbum , ...and a few more..
So the latest version around is i thought 1.3.0c or something like that.
Someone altered the code a bit allowing you as webmaster to sell space for a user album.
Thats the vunerable thing about coppermine,giving away the right to upload. |
| |
|
|
|
|
Satch
|
| Posted:
Tue May 02, 2006 12:59 pm |
|
Thanks for the advice on changing the module name  . But specifically, do you mean the actual directory name, editting the module name through the admin panel or both?
Thanks |
| |
|
|
|
|
hitwalker
|
| Posted:
Tue May 02, 2006 1:04 pm |
|
no...the mod is called as expected... coppermin,rename that before install.
call it paperholder or whatever...
keep in mind that with the latest version as i recall they made a mistake with its top menu,the mod is called by its name,and not the given prefix. |
| |
|
|
|
|
kevinkap
Involved
Joined: Apr 22, 2006
Posts: 356
|
| Posted:
Sun Jun 11, 2006 2:03 pm |
|
I have tried to install the cpg module form ocnuke to ravens latest nuke version. All seemed to go well, however when I go to the coppermine link in the admin, and then try to go to any of the links there, all i get is a page with the left blocks and nothing else. Any suggestions?
I did try their forums first and they suggested I post here, nice! |
_________________
Kevin Kappes |
|
|
|
|
hitwalker
|
| Posted:
Sun Jun 11, 2006 5:36 pm |
|
looks to me some lines are not realy that compatible,i dont run ravens nuke....so i dont know...
for me all worked ok....but i deleted coppermine again,at some point i was asking myself why i even have it,if i put it full with 1000 miss universe pics nobody would even notice...  |
| |
|
|
|
|
kguske
Site Admin
Joined: Jun 04, 2004
Posts: 6433
|
| Posted:
Sun Jun 11, 2006 5:38 pm |
|
|
|
|
|
Guardian2003
Site Admin
Joined: Aug 28, 2003
Posts: 6799
Location: Ha Noi, Viet Nam
|
| Posted:
Sun Jun 11, 2006 5:46 pm |
|
Bring on Miss Universe....
And by the way, where did the fishing block go, those were real nice, erm, fish. |
| |
|
|
|
hitwalker
|
| Posted:
Sun Jun 11, 2006 5:50 pm |
|
fishing block?
Huh...
Refresh my memory.....
btw...i still have the hot or not...
but realy....i checked it for a while and the stats for the album was poor...
i didnt expected more....if your a resources site they dont expect eh ...babes.. |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
