Jump to content

Archived

This topic is now archived and is closed to further replies.

rajkumar86

.temp folder in root is a hack

Recommended Posts

Hi all,

 

 

We are running a oscommerce site, now there is .temp folder in root which contains lots of html files, is this a hack or it is a default oscommerce function also there is flops.php in root , i am not much aware of os commerce . Please any one guide me

 

 

Thanks in advance

Share this post


Link to post
Share on other sites

It does not sound normal. I would suspect it might be a hack, however if you have a template site, you may also have html files in the root.

 

Check your /images directory for files similar to goog1e6546545141.php. Also check your .htaccess for redirects and index.php and application top of eval base64 code.

 

 

 

 

Chris


:|: Was this post helpful ? Click the LIKE THIS button :|:

 

See my Profile to learn more about add ons, templates, support plans and custom coding (click here)

Share this post


Link to post
Share on other sites

Then it is confirmed. Your website has been hacked.

 

1) Lock it down using .htaccess to prevent customers from possibly being infected by a virus.

 

2) Download the website to your local machine and use a program like Wingrep to check all of the files for malicious codes. If found, remove it.

 

3) Check the website for anomalous files and folders and remove them

 

4) Upload the cleansed website back to your hosting account.

 

5) Read and install the security patches from the security forum, make sure to install the 5 'must have' security contributions.

 

6) Unlock your store so customers can once again visit it.

 

 

 

Chris


:|: Was this post helpful ? Click the LIKE THIS button :|:

 

See my Profile to learn more about add ons, templates, support plans and custom coding (click here)

Share this post


Link to post
Share on other sites

What DunWeb proposes is more than correct, but if you are still lost,

 

Look for your last backup (it will probably will be infected aswell)

or

Copy all your actual files zip them...

 

Remove sensitive data from it (sql dump with clients... etc... your configure.php is compromised and so it does not matter, you will have to change your keys eventually)

 

Put your files in a zip, and post it somewhere we can see it (mediafire or something like that, or at your own site.... whatever it takes), in order to help you, or to give you further advice...

Share this post


Link to post
Share on other sites

"Put your files in a zip, and post it somewhere we can see it (mediafire or something like that, or at your own site.... whatever it takes), in order to help you, or to give you further advice..."

 

Ignore this. Poor advice. Keep your files to yourself and to your chosen developer (assuming you even need a developer).


This is a signature that appears on all my posts.  
IF YOU MAKE A POST REQUESTING HELP...please state the exact version
of osCommerce that you are using. THANKS

 
Get the latest Responsive osCommerce CE (community edition) here

Share this post


Link to post
Share on other sites

Try this link for a step by step guide on how to disinfect your site.

 

 

Also see this link

 

http://forums.oscommerce.com/topic/369194-my-site-has-been-hacked-by-a-trojan/page__view__findpost__p__1555987

 

HTH

 

G


Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Share this post


Link to post
Share on other sites

Hey burt, i was only trying to help... by posting some PROACTIVE ideas...

 

Ive been working with osc since 2005, used this forum sometimes, learned the hardway... i really wished someone would have offered himselft to helpme like i do now when i had a problem.

 

Its more than clear that this user really needs a developer, or someone who knows a little bit more... he would be asking what he asks... therefore... reading redirections to other tutorial (please guys dont take it personally) may be hopefull but not really helpfull...

 

What i did is to think outside of the box...

 

Im Sorry if thinking different supposes a poor advice...

Share this post


Link to post
Share on other sites

×