strungout911 Posted November 12, 2005

Hi, if you look at my page you will see that there is a category now named "I am Hacking". Does anyone know who might be doing this? I simply haven't taken the steps yet to prevent this, for the reason that since I am a newb, it makes it easier sometimes when I need help when people from these forums can look there. I wouldn't necessarily call this hacking, lol.
bobg7 Posted November 12, 2005

Well, if you were to secure your admin area, it might reduce the issue.

Installed Contributions: CCGV, Close Popup, Dynamic Meta Tags, Easy Populate, Froogle Data Feeder, Google Position, Infobox Header Entire Row, Live Support for OSC, PayPal Seal with CC images, Report_m Sales, Shop by Price Revised, SQL Updater, Who's Online Enhancement, Footer, GNA EP Assistant and still going.
Guest Posted November 13, 2005

> Hi, if you look at my page you will see that there is a category now named "I am Hacking". Does anyone know who might be doing this? I simply haven't taken the steps yet to prevent this, for the reason that since I am a newb, it makes it easier sometimes when I need help when people from these forums can look there. I wouldn't necessarily call this hacking, lol.

I would not do it that way, but if you do, you should PW protect it and give out the PW only to people you trust. Then change the PW after they are done. And I would not give out the PW until after I had backed up my files.
Cyber2000 Posted November 13, 2005

YOUR ADMIN AREA IS NOT SECURE. IF YOU GO TO YOUR SITE AND THEN TYPE ADMIN AT THE END, ANYONE CAN GET IN. IF YOU GO TO WWW.TYTEK.CO.UK AND TYPE ADMIN, IT IS SECURE. YOU MUST SECURE IT OR YOUR ENTIRE SITE WILL GO DOWN. READ UP ON HTACCESS - IT IS A MUST.
Cyber2000 Posted November 13, 2005

Sorry mate, but it looks like your site has been hacked in a serious way! If you want info on htaccess, do a search on google.com. It takes some getting used to understanding the way it works, but believe me it's well worth it, as you probably know by now (no offence).

Regards
RJ
Iggy Posted November 13, 2005

Uh, hey there guys,

Might be more polite when you find a site with an open admin to PM or email them instead of announcing it to the world here in the forums. Just a thought.

Iggy

Everything's funny but nothing's a joke...
K3D Posted November 13, 2005

I blocked all access to admin for him via .htaccess (had to use the inbuilt file manager), hopefully it will preserve at least some of his config.
Guest Posted November 13, 2005

> Uh, hey there guys,
>
> Might be more polite when you find a site with an open admin to PM or email them instead of announcing it to the world here in the forums. Just a thought.
>
> Iggy

I have found a number of open admin sites and have always notified the owner by PM or email. This is the first time I have seen somebody actually deface a site based on a post in this forum (I am assuming that is what happened). I thought we had a better group here. Telling someone about the risk is one thing, but defacing their site is wrong.
strungout911 (author) Posted November 13, 2005

> I have found a number of open admin sites and have always notified the owner by PM or email. This is the first time I have seen somebody actually deface a site based on a post in this forum (I am assuming that is what happened). I thought we had a better group here. Telling someone about the risk is one thing, but defacing their site is wrong.

Wow, I'm sorry I came home. Really, I knew about securing the admin, but I'm new so I thought these forums would be the only place anyone would even know about my site. And, I thought they would only use it to help. I guess this is my lesson. Not only to secure, but not to trust anyone. I know that 99 of 100 people here are genuine honest people. But I guess that one immature person thought it would be a good idea to "pick on" someone just trying to learn that has little knowledge. So, what do I do now? If anyone might be so kind.
Guest Posted November 13, 2005

It wasn't the forum that got you hacked. The bad guys always lurk on this forum waiting for newbies to post their URLs so they can poke around and see what they can get into. The best thing to do in your situation would have been to simply post your question in graphic detail and, if anyone required more info, PM them the URL. Then if your site got defaced you'd know who did it.

Do you have a backup of your files and database? Simply restore them and be sure to rename your /admin folder to something only you know. Patch up any security holes (read the bug fixes) and never post a "noobie" question in a support forum asking about security, then show your URL :)
Jeremy at oddly enough Posted November 13, 2005

Had you done a lot of modification to your site yet? If not, no big loss; you can delete what there is from your server, reload a fresh version (do not neglect to add an htaccess file to protect your admin panel before uploading!), and start again. The hacker may not have come from here; osCommerce sites can easily be found through Google, etc., if they've left the footer intact. If you have done some modding, hopefully you have an uncorrupted backup elsewhere that you can use to restore to.

Jeremy
strungout911 (author) Posted November 13, 2005

Thank you for the information. No, I haven't done too much to the site yet, aside from spending the time to install a couple contributions. I have another problem with this but I'm too scared to ask it here now. I think I'll PM you, eww and Jeremy and ask if it's safe to post.
Guest Posted November 13, 2005

Feel free to PM away; if I'm not sure of the answer I'll direct you about what NOT to post in the forums when asking for help ;)
Iggy Posted November 13, 2005

> Thank you for the information. No, I haven't done too much to the site yet, aside from spending the time to install a couple contributions. I have another problem with this but I'm too scared to ask it here now. I think I'll PM you, eww and Jeremy and ask if it's safe to post.

Here's about the only thing not to post: logins/passwords, whether to your (now secured) admin or in your config files if you need to post them for people to look at. Just zap them in your post with xxxxxxx. That's about all you really need to worry about when posting. The open-by-default admin is a known problem, but not if you're new.

The file manager is close to worthless though, so if you'd like a little more peace of mind find /catalog/admin/includes/boxes/tools.php and remove this line:

    '<a href="' . tep_href_link(FILENAME_FILE_MANAGER) . '" class="menuBoxContentLink">' . BOX_TOOLS_FILE_MANAGER . '</a><br>' .

No reason to make it easy if someone does find their way into your admin.

HTH,
Iggy

Everything's funny but nothing's a joke...
AlanR Posted November 13, 2005

> The file manager is close to worthless though, so if you'd like a little more peace of mind find /catalog/admin/includes/boxes/tools.php and remove this line:
>
>     '<a href="' . tep_href_link(FILENAME_FILE_MANAGER) . '" class="menuBoxContentLink">' . BOX_TOOLS_FILE_MANAGER . '</a><br>' .
>
> No reason to make it easy if someone does find their way into your admin.
>
> HTH,
> Iggy

Today's (yesterday's actually) update: http://www.oscommerce.com/solutions/downloads includes a fix for the file manager: http://www.oscommerce.com/ext/update-20051...l#_Toc119473695

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)
Cyber2000 Posted November 13, 2005

Hello All

I have helped many people on here in the short time that I have been a member. And yes, you are ALL right not to deface or insult someone or their site. I think it may have been my comments. Not sure, but if it was me I truly apologise. Meant no harm or insults, and if I can help in any way please let me know. Once again my apologies.

RJ
GraphicsGuy Posted November 13, 2005

> Hello All
>
> I have helped many people on here in the short time that I have been a member. And yes, you are ALL right not to deface or insult someone or their site. I think it may have been my comments. Not sure, but if it was me I truly apologise. Meant no harm or insults, and if I can help in any way please let me know. Once again my apologies.
>
> RJ

Actually, I don't think your comments were all that offensive. It was more the all caps. In netiquette, using all caps is considered shouting. Just something to keep in mind: watch out for the old caps lock button.

Rule #1: Without exception, backup your database and files before making any changes to your files or database.
Rule #2: Make sure there are no exceptions to Rule #1.
Guest Posted November 13, 2005

> I blocked all access to admin for him via .htaccess (had to use the inbuilt file manager), hopefully it will preserve at least some of his config.

He cannot access .hta files using his control panel, so he is effectively locked out of admin now.
Cyber2000 Posted November 13, 2005

Sorry about the caps. It was not meant to shout, and no, I did not know that caps meant shouting, as I hardly ever use chatrooms or know IT terminology. Sorry again and thanks for your understanding. I hope you get your site up and running.
K3D Posted November 13, 2005

> He cannot access .hta files using his control panel, so he is effectively locked out of admin now.

I doubt that he is majorly locked out. All he has to do is upload another admin directory under a different name from his backup, then edit the .htaccess from the inbuilt file manager. I have offered to help in PM if he has a problem with what I have done, so your posting that is a non-issue. He did upload a .htaccess file in order for an SEO contribution, so he must be able to upload a clean .htaccess file.
strungout911 (author) Posted November 13, 2005

cyber2000 - Please don't think that. No one here has ever offended me.

About the .htaccess, that was put in through the admin tools.
KaiAnimation Posted November 13, 2005

I have found one osCommerce website with an unsecured admin. It was a site that I happened across when surfing. I find it interesting to see the osCommerce format just in my everyday websurfing travels. I wrote to the webmaster to tell them about securing their admin section. They never wrote back, but their site was secure the next day. I had never considered that someone could be waiting for a new site to ask questions here on the forum and then in turn go into their unsecured admin section and start messing around. It is posts like this one that help people more than they look on the surface.

If I'm giving advice, it is based on what path I would take to fix your problem. My path may be wrong.