Techy: Outdated Coppermine Finder

August 10th, 2006 by Richy B. Leave a reply »

Whilst on the subject of outdated cPanel based things, I’ve just put together a quick little script to scan a cPanel based webserver for outdated Coppermine Photo Gallery installations.

As the notes state, the script isn’t pretty, it isn’t efficient, but it works.

Comments/feedback are appreciated.
Coppermine Gallery Outdated installation checker v0.01

Set $disableandemail to 1 to disable the scripts and email the users.


#!/usr/bin/perl
# Coppermine Gallery Outdated installation checker
# Suitable for cPanel servers
# Checks for unpatched files covered in
# http://coppermine-gallery.net/forum/index.php?topic=31671.0 and
# http://coppermine-gallery.net/forum/index.php?topic=32413.0
#
# Written by Richard Chiswell. http://www.rac.me.uk
# 11-Aug-2006.
# Script revision: 0.01 (it works, but it ain't pretty or efficient)
#
print "Searching for coppermine files...\n";
$disableandemail=0;
while(@PW=getpwent()) {
if (-d "$PW[7]/public_html" && -e "/var/cpanel/users/$PW[0]") {
$username=$PW[0];$path=$PW[7];
system("find ".$path."/public_html/ -type f -name usermgr.php -print > /root/coppermine.txt");
open(VA,"< /root/coppermine.txt") || die("Unable to open /root/coppermine.txt");
while (<VA>) {
$filename=$_;$linecount=0;$found=0;$revision=0;
open(FILE,"< $filename") || die("Unable to open $filename");
while ($linecount<20 && $found==0) {
$line=<FILE>;
if ($line=~/\$Revision: ([0-9\.]+)/) { $revision=$1;$found=1; }
$linecount++;
}
close(FILE);
$filename=~s/(\n|\r)//g;
if ($found==1) {
if ($revision<3116) {
$scriptpath=$filename;
$scriptpath=~s/$path//;
sendwarning($username,$path,$scriptpath,$revision,$filename,$disableandemail);
}
}
}
close(VA);
# check for other vunerability
system("find ".$path."/public_html/ -type f -name functions.inc.php -print > /root/coppermine.txt");
open(VA,"< /root/coppermine.txt") || die("Unable to open /root/coppermine.txt");
while (<VA>) {
$filename=$_;$found=0;$vunerable=1;$ver='';
if (!($filename=~/include\/functions.inc.php/)) { print "Not match\n";next; }
open(FILE,"< $filename") || die("Unable to open $filename");
while (<FILE>) {
$line=$_;
# do a few checks to see if we have found coppermine
if ($line=~/Coppermine version: 1\.([0-9\.][0-9\.][0-9\.])/) { $found+=1;$ver=$1; }
if ($line=~/Coppermine Photo Gallery 1\./) { $found+=1; }
if ($line=~/get_meta_album_set_data/) { $found+=1; }
if ($line=~/Coppermine critical error/) { $found+=1; }
if ($line=~/obscure, misdocumented/) { $vunerable=0; }
}
close(FILE);
$filename=~s/(\n|\r)//g;
if ($found>4) {
if ($vunerable==1) {
$scriptpath=$filename;
$scriptpath=~s/$path//;
sendwarning($username,$path,$scriptpath,$ver,$filename,$disableandemail);
}
} # close found>4 loop
} # close va loop
close(VA);
}
}

sub sendwarning {
my ($username,$userpath,$path,$version,$filename,$send)=@_;
open CONTACTEMAIL , "<".$userpath."/.contactemail";
chomp(my $user_email = <CONTACTEMAIL>);
close CONTACTEMAIL;
if ($send==1) {
open SENDMAIL, "|/usr/sbin/sendmail -t";
print SENDMAIL "To: <$user_email>\n";
print SENDMAIL "From: security\@$hostname\n";
print SENDMAIL "Subject: Vulnerable Coppermine Gallery Warning!\n\n";
print SENDMAIL "*** DO NOT REPLY TO THIS EMAIL: YOUR REPLY WILL *NOT* BE READ ***\n\n";
print SENDMAIL "Hello,\n\n";
print SENDMAIL "A recent server security scan revealed that your site has a vunerable Coppermine Photo \n";
print SENDMAIL "Gallery file at $path . According to this automated scan, this file is revision/version $version \n";
print SENDMAIL "which is known to have security vunerabilities.\n";
print SENDMAIL "To help ensure the security of the server we are asking you to update your Coppermine insall\n";
print SENDMAIL "to the latest version.\n";
print SENDMAIL "To protect against this being abused, the file at $path has been disabled.\n";
print SENDMAIL "The latest known version of Coppermine is version 1.4.8 . Please upgrade\n";
print SENDMAIL "*** DO NOT REPLY TO THIS EMAIL: YOUR REPLY WILL *NOT* BE READ ***\n\n";
close SENDMAIL;
system("chmod a-rx $filename");
} else {
print "Would have sent to $user_email ($username) about version $revision at $path (filename $filename)\n";
}
}

This post is over 6 months old.

This means that, despite my best intentions, it may no longer be accurate.

This blog holds over 12 years of archived content - during that time, I may have changed my opinion of something, technology will have advanced (and old "best standards" may no longer be the case), my technology "know how" has improved etc etc - it would probably take me a considerable amount of time to update all the archival entries: and defeat the point of keeping them anyway.

Please take these posts for what they are: a brief look into my past, my history, my journey and "caveat emptor".

Comments are closed.

gamy-dance
%d bloggers like this: