Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

My site has been hacked by a trojan?


fullcreel

Recommended Posts

David

 

Some links to how to clean your site and almost as importantly how to secure it is in my about me pages in my profile.

 

HTH

 

G

Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Link to comment
Share on other sites

How to Secure Your Site

 

If you can't recognize "rogue code" when you see it you may have to have someone clean it up for you. Probably not "gratis".

 

Many people who don't have a "clean" backup just erase it all and start over, a little wiser the second time around.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Put your site off line (most hosts have a tool for that in the control panel)

 

Look for your last backup (i will probably will be infected aswell)

or

Copy all your actual files zip them...

 

Remove sensitive data from it (sql dump with clients... etc... your configure.php is compromised and so it does not matter, you will have to change your keys eventually)

 

Put your files in a zip, and post it somewhere we can see it (mediafire or something like that, or at your own site.... whatever it takes), in order to help you, or to give you further advice...

 

 

I guess this proposition is more serious than typing some useless piece of information that you surely dont know what it means. (like talking about htaccess, decode, sqlinjection etc...)

 

Hope

Link to comment
Share on other sites

"Put your files in a zip, and post it somewhere we can see it (mediafire or something like that, or at your own site.... whatever it takes), in order to help you, or to give you further advice..."

 

Please DO NOT do this. Do not just give your files out to anyone. See my "about me" page where I have listed the steps to take to fix a hacked site.

Link to comment
Share on other sites

Hey burt, i was only trying to help... by posting some PROACTIVE ideas...

 

Ive been working with osc since 2005, used this forum sometimes, learned the hardway... i really wished someone would have offered himselft to helpme like i do now when i had a problem.

 

Its more than clear that this user really needs a developer, or someone who knows a little bit more... he would be asking what he asks... therefore... reading redirections to other tutorial (please guys dont take it personally) may be hopefull but not really helpfull...

 

What i did is to think outside of the box...

 

besides... look what he is posting (innitial thread) he is completely lost.... forget about a tutorial, will take a week for him at least

 

anyway, sorry if my opinion on what to do bothers you

Link to comment
Share on other sites

i think what burt is getting at oscar is the user may upload everything like you say without removing the database information from the configuration file and allowing that user to be hacked further.

Link to comment
Share on other sites

Please DO NOT do this. Do not just give your files out to anyone. See my "about me" page where I have listed the steps to take to fix a hacked site.

 

Personally I read this as why give away your site, its' design, and possibly all the product info, customer details etc to anyone and everyone. who happens to stumble across the link.

 

There are several good threads and profiles that go through how to cleanse a site that can be followed by a reasonably thorough person.

 

If you can install contributions and remove code from within scripts you will be able to sort out a high proportion of hacks.

 

That is because it is not possible to list every possible hack and new ones are coming along.

 

HTH

 

G

Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...