mglenn310 Posted October 7, 2011

If I was trying to see if someone is hacking my site, where would I look for the logs?
Taipo Posted October 7, 2011

Assuming your site has not yet been hacked, I would think the better use of time would be to patch the faulty code in your site if you are using the older version of osCommerce.

When it comes to the widely distributed type of attacks that have been levelled at osCommerce because of the bypass exploit in the admin login code of the older versions, the attacks are being served from automated servers rather than 'someone' as such trying to hack your site... well, in 999 out of 1000 cases that is true.

So even after you have patched your site with the fix code the attacks will still be coming in, they just will not be successful in completing their tasks.

If you want to daily watch the attacks hitting your site while actually having patched your site, then install osC_Sec http://www.oscommerce.com/community/contributions,7834 and enable email notifications.

- Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)
- Another discussion about infected files ::here::
- A discussion on file permissions ::here::
- Site hacked? Should you upgrade or not, some thoughts ::here::
- Fix the admin login bypass exploit here
- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes
- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX
mglenn310 (Author) Posted October 7, 2011

Well, being I'm new to the OSC and have no clue as to what you are talking about. I guess my time is up to me of how I use it. Thank you for telling me how I should do things, but you lost me in the first line of your post. I don't understand why you guys think everyone on this site is a developer.
mglenn310 (Author) Posted October 7, 2011

OK, I think I have it installed. Is there a way to test to see if it's working?
Taipo Posted October 8, 2011

> Well, being I'm new to the OSC and have no clue as to what you are talking about. I guess my time is up to me of how I use it. Thank you for telling me how I should do things, but you lost me in the first line of your post. I don't understand why you guys think everyone on this site is a developer.

I don't assume you are a developer. I could tell by your question that you are not one, which is why I didn't bother wasting my time explaining to you how to determine what a hack attempt looks like and how to log it, track it, and prevent it. All I did was to point out why that would be a giant waste of time doing so, but feel free to do so just as I felt free to point that out to you.
Taipo Posted October 8, 2011

> OK, I think I have it installed. Is there a way to test to see if it's working?

If you have it installed correctly and have both $banipaddress and $emailenabled enabled correctly in the file osc.php then no doubt you will start to receive email notifications as attacks are levelled at your site.
mglenn310 (Author) Posted October 10, 2011

I have both of them set to ipban set to 1 and my email address in the other.
Taipo Posted October 10, 2011

Set $banipaddress back to 0, then go to www.yourwebsite.com/yourshop/index.php/login.php and the page should go blank or post a 'permission denied' error. That is osC_Sec doing that (if it is set up correctly).

You won't receive an email until you have both $banipaddress and $emailenabled set to 1, and your site gets attacked.
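
One way to answer the opening question from the web server's access log, added here as an example (it is not code from osC_Sec or from either poster): it flags requests shaped like the index.php/login.php test URL in the post above, that is, a .php script followed by a trailing /login.php segment. The Apache combined log format and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import unquote

# Request part of an Apache combined-format line (assumed log format).
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# A .php script followed by a trailing /login.php path segment: the shape of
# the index.php/login.php test URL from the thread.
TRAILING_LOGIN = re.compile(r'\.php/+login\.php(?:/|$)', re.IGNORECASE)

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Oct/2011:03:10:01 +0000] "GET /catalog/login.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.23 - - [10/Oct/2011:03:14:07 +0000] "GET /catalog/index.php/login.php HTTP/1.1" 403 199 "-" "-"',
    '198.51.100.23 - - [10/Oct/2011:03:14:09 +0000] "POST /catalog/index.php/login.php?x=1 HTTP/1.1" 403 199 "-" "-"',
    '192.0.2.44 - - [10/Oct/2011:04:02:30 +0000] "GET /catalog/index.php%2Flogin.php HTTP/1.1" 404 210 "-" "-"',
    '203.0.113.7 - - [10/Oct/2011:04:05:00 +0000] "GET /catalog/index.php?page=login.php HTTP/1.1" 200 4096 "-" "Mozilla/5.0"',
]


def suspicious_requests(lines):
    """Return (ip, timestamp, raw_path, status) for each matching request."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # not a parsable access-log line
        # Drop the query string and decode %2F etc. before matching the path.
        path = unquote(m["path"].split("?", 1)[0])
        if TRAILING_LOGIN.search(path):
            hits.append((m["ip"], m["ts"], m["path"], int(m["status"])))
    return hits


def hits_per_ip(hits):
    """Count flagged requests per client address."""
    return Counter(ip for ip, _ts, _path, _status in hits)


if __name__ == "__main__":
    found = suspicious_requests(SAMPLE_LOG)
    for ip, ts, path, status in found:
        print(f"{ts}  {ip}  {status}  {path}")
    print(dict(hits_per_ip(found)))
```
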
mglenn310 (Author) Posted October 10, 2011

If I go here http://mywebsite.com/catalog/admin.php I get an error, but www.mysite.com/index.php/login.php wants me to download a file, and if I do http://mywebsite.com/catalog/login.php it takes me to the customer login page. So I'm guessing this is not installed correctly. Any ideas?
Taipo Posted October 12, 2011

Try http://mywebsite.com/catalog/index.php/login.php since it's your shop you are wanting to test osC_Sec on (assuming you installed osC_Sec in http://mywebsite.com/catalog/includes/).
mglenn310 (Author) Posted October 12, 2011

Both of them give me the ability to save or open the login.php file.
Taipo Posted October 13, 2011

What happens when you take osC_Sec out of the equation? When you then go to that link (http://mywebsite.com/catalog/login.php), do you still get the same results?
Archived
This topic is now archived and is closed to further replies.