Jump to content
Latest News: (loading..)
Sign in to follow this  
swguy

Contribution: SysCheck for osCommerce

Recommended Posts

This contribution provides a quick way to assess your site's security and check for possible hacks by checking the following:

 

* the presence of admin/file_manager.php

* admin users

* php scripts in the images directory

* directories with permissions other than 0x755

* php files which include "eval" (this is an known exploit vector).

* files with permissions other than 0x644

 

Download here:

http://addons.oscommerce.com/info/7026


Contributions: Better Together and Quantity Discounts, for osCommerce 2.2, 2.3.x and 3.0. See my profile for more details.

Share this post


Link to post
Share on other sites

SysCheck has been updated to do more extensive tests for scripts in unexpected places; in addition to checking for .php files, it now checks for .pl, .py and .cgi filetypes.

 

Download here:

http://addons.oscommerce.com/info/7026


Contributions: Better Together and Quantity Discounts, for osCommerce 2.2, 2.3.x and 3.0. See my profile for more details.

Share this post


Link to post
Share on other sites

After running the syscheck by entering the address in the browser window, I get a large list of files under Files with incorrect permissions. Vast majority is the images. The permissions for such images, is set at 755. It is my understanding this is correct.

 

So why does syscheck show them having incorect permission code? The only way I found to have not be listed under Files with incorrect permissions is by setting the image to 444.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×