MWPSK hacked!

Topics: Developer Forum
Dec 6, 2010 at 8:37 AM

All of our websites are hacked through the image upload tool of MWPSK called: ftb.imagegallery.aspx
They have uploaded 1.aspx in the image map, and then execute this via the browser path:!!!
This is the know trojan ASPXspy.

They can upload and execute any script they want!!

Please advise how to stop this?

Dec 7, 2010 at 10:42 AM

Hi Mika,

thanks for bringing this to our attention!

The easiest countermeasure is to put a web.config into the directory where the Images get stored that denies access to any non-Image-File.

The web.config needs to contain the following:

<deny users="*" /> 




Dec 7, 2010 at 1:53 PM

Alright, the web.config didn't completely fix the problem as the ftb component could be tricked into writing stuff somewhere else. By now MRAatFC fixed the problem and uploaded a patched version of MWPSK.

Thanks again for catching this bug and thanks MRAatFC for fixing it!


Dec 7, 2010 at 2:41 PM

The patched version did not protect my server, for hackers to upload image files etc.
So they can use my server as a free database server for their images, and put the links to their images on other servers....