Community Wiki

From (mt) Community Wiki

This article is intended to help you find old/exploitable versions of timthumb.php on your (gs) Grid-Service Server and replace them with the newest/safest version.

These instructions require you to connect to your (gs) Grid Service via SSH. If you need help doing this, please read this article on (gs):SSH connection first.

WARNING

This fix for timthumb.php will find any file with thumb.php as part of the name and replace it with the newest version of timthumb.php. If you have a file named 'bigthumb.php' that is not a timthumb.php file it will still replace it. A copy of the file will be saved in its place with a .bak extension maintaining the original content.

Instructions

1. SSH into your server as the Server Administrator using your access domain as the hostname. The password will be the same one that you use for SSH or FTP.

   In Mac OS X Terminal or Linux, this command will be:

   
   ssh primary-domain.com@s00000.gridserver.com
   

   When you connect, it will ask you for your password. Typing the password will not produce any characters on the screen for security purposes.

2. Go through any prompts until you get the command prompt, which will look something like this:

   primary-domain.com@n29:~$
   

Check for timthumb.php and find the current version

1. Now you will need to run the following command:

cd ~/ ; find ~/domains/*/html/ -name '*thumb.php' -type f -print -exec egrep "'VERSION'|\"VERSION\"" '{}' \;

Replace timthumb.php

1. Now you will need to run the following command:

cd ~/; wget -O timthumb.php http://timthumb.googlecode.com/svn/trunk/timthumb.php && find ~/domains/*/html/ -maxdepth 10 -name "*thumb.php" -exec cp {} {}.bak \; -exec cp timthumb.php {} \; -exec chmod 200 {}.bak \; -exec egrep -H "'VERSION'" {} \;