Desertsky Posted November 10, 2005

I have just been informed for the second time that my shopping cart has been hacked with an email program that is sending out spam. It was inserted into the catalog/images directory and the folder name was PHPSM. It contains four PHP files named index.php, head.php, foot.php and mysql.info.php. All files were dated April 24, 2004. I cannot delete or chmod these files! I have asked my hosting service to delete these for me. Anyone know how these get into the catalog? I have checked another install and they are not there. I have installed a few contributions but I hope that these were not the source!
MarcoZorro Posted November 10, 2005

They were probably uploaded by a hacker that managed to access your admin section or that found a vulnerability in the server configuration.
WiseWombat Posted November 10, 2005

> I have just been informed for the second time that my shopping cart has been hacked with an email program that is sending out spam. It was inserted into the catalog/images directory and the folder name was PHPSM. It contains four PHP files named index.php, head.php, foot.php and mysql.info.php. All files were dated April 24, 2004. I cannot delete or chmod these files! I have asked my hosting service to delete these for me. Anyone know how these get into the catalog? I have checked another install and they are not there. I have installed a few contributions but I hope that these were not the source!

Hi, take a look at this thread. A spammer can use your contact_us.php to send out spam. You will also find the fix in this thread.

http://www.oscommerce.com/forums/index.php?showtopic=162664&hl=

( WARNING ) I think I know what I'm talking about. BACK UP BACK UP BACK UP BACK UP
Desertsky (Author) Posted November 10, 2005

> Hi, take a look at this thread. A spammer can use your contact_us.php to send out spam. You will also find the fix in this thread.
> http://www.oscommerce.com/forums/index.php?showtopic=162664&hl=

Thanks for the link. Although it was mostly unrelated to my issue, it did have some useful information. I found an entire mail bomb program inserted into my osCommerce site. It has been cleaned out and I now need to make sure everything is still functioning.
Desertsky (Author) Posted November 11, 2005

> Thanks for the link. Although it was mostly unrelated to my issue, it did have some useful information. I found an entire mail bomb program inserted into my osCommerce site. It has been cleaned out and I now need to make sure everything is still functioning.

Well, my hosting service was able to delete all the offending files (about 40 altogether). Thanks Hostrocket! They also suggested that I put an index.htm in each directory that would be vulnerable to hacking, as this prevents someone from seeing what is in there. A simple redirect to your main site index works.
WiseWombat Posted November 11, 2005

> Well, my hosting service was able to delete all the offending files (about 40 altogether). Thanks Hostrocket! They also suggested that I put an index.htm in each directory that would be vulnerable to hacking, as this prevents someone from seeing what is in there. A simple redirect to your main site index works.

Putting an index.html file will work with everything except within the admin, as it will create an error when altering settings in the admin mystore, as the html index is called rather than the default.php.

( WARNING ) I think I know what I'm talking about. BACK UP BACK UP BACK UP BACK UP
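An added example (not part of any post above, and not osCommerce code): a shell audit for the conditions raised in this thread, namely PHP files sitting under catalog/images, files the account owner cannot change, and directories with no index file to suppress listings. The function names and the extension list are assumptions; an index file only hides the listing and does not stop a dropped script from running, so the script check is the one to act on first.

```shell
#!/bin/sh
# Added example: audit an image directory for the symptoms in this thread.
# Function names and the extension list are assumptions for illustration.

# List server-side scripts under an images tree. Image directories should
# hold only static files, so every hit needs review. No date filter is
# applied: the files reported in this thread carried an April 2004 date,
# so a "recently modified" search would have missed them.
find_scripts() {
    find "$1" -type f \( -iname '*.php' -o -iname '*.php[0-9]' \
        -o -iname '*.phtml' -o -iname '*.phar' \) -print | sort
}

# List entries not owned by the current account. These are the files the
# account owner cannot delete or chmod (for example, files created by the
# web server's own user) and they need the hosting provider to remove.
foreign_owned() {
    find "$1" ! -user "$(id -u)" -print | sort
}

# List directories (including $1 itself) that have no index file, i.e.
# where the web server may show a directory listing if listings are on.
missing_index() {
    find "$1" -type d -print | sort | while IFS= read -r dir; do
        found=no
        for name in index.htm index.html index.php; do
            if [ -f "$dir/$name" ]; then
                found=yes
            fi
        done
        if [ "$found" = no ]; then
            printf '%s\n' "$dir"
        fi
    done
}

# Usage: sh audit.sh /path/to/catalog/images
if [ "$#" -gt 0 ]; then
    echo "== scripts under $1 ==";             find_scripts "$1"
    echo "== not owned by this account ==";    foreign_owned "$1"
    echo "== directories without an index =="; missing_index "$1"
fi
```
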
Archived
This topic is now archived and is closed to further replies.