Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

HELP!! Store HACKED!!! What do I do?


QueenKat

Recommended Posts

that's terrible. please tell me you have a backup on your local machine.

 

 

I think I do! What do I do???

 

If I don't what do I do??

 

If I loaded the store back to the last back up I made to the server, will that fix the problem??

Link to comment
Share on other sites

You don't necessarily to to completely upload everything. Look:

 

http://katstamps.com/product_info.php?products_id=646

 

It's most likely a damaged index.php

 

The real question is what did they do and how? Don't just overwrite that index.php or you'll learn nothing.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

help please!! my store has been hacked. what do I do? www.katstamps.com

 

You most certainly should be contacting your hosting company about this if you have not already. You need to take a look at the logs and find out what happened.

The Knowledge Base is a wonderful thing.

Do you have a problem? Have you checked out Common Problems?

There are many very useful osC Contributions

Are you having trouble with a installed contribution? Have you checked out the support thread found Here

BACKUP BACKUP BACKUP!!! You did backup, right??

Link to comment
Share on other sites

You don't necessarily to to completely upload everything. Look:

 

http://katstamps.com/product_info.php?products_id=646

 

It's most likely a damaged index.php

 

The real question is what did they do and how? Don't just overwrite that index.php or you'll learn nothing.

 

 

they got more then the index file! when I click on a link to the left on the link you gave me, it says hacked!!

 

How can someone hack into my site???

Link to comment
Share on other sites

they got more then the index file! when I click on a link to the left on the link you gave me, it says hacked!!

 

How can someone hack into my site???

 

if you notice, when you click on that link, it is pulling from the index file... it appears just your index was touched.

 

reupload that index.php and contact your host.

Link to comment
Share on other sites

if you notice, when you click on that link, it is pulling from the index file... it appears just your index was touched.

 

reupload that index.php and contact your host.

 

There are many ways to hack a site.

 

If your host was running global_register as on, there is one way in if you have insecure permissions on some of your directories.

 

MySql injection attacks are another.

 

The most common and overlooked are poor passwords. Many people use the name of their animals or family members all of which are in the latest brute force attack tools.

 

Was your password a combination of upper/lower case with numbers in it?

Link to comment
Share on other sites

Sorry to hear about your troubles, here is what I would do.

  1. Change your FTP password
  2. Change Your Admn password
  3. Change your Database password
  4. Restore your Database and foles from your last full backup
  5. Remember to edit you configuration files fot the new Database password

Hope this helps,

Installed Contributions: CCGV, Close Popup, Dynamic Meta Tags, Easy Populate, Froogle Data Feeder, Google Position, Infobox Header Entire Row, Live Support for OSC, PayPal Seal with CC images, Report_m Sales, Shop by Price Revised, SQL Updater, Who's Online Enhancement, Footer, GNA EP Assistant and still going.

Link to comment
Share on other sites

no my password was not like that.. can you tell me how to change my password??

 

Sorry to hear about your troubles, here is what I would do.
  1. Change your FTP password
     
  2. Change Your Admn password
     
  3. Change your Database password
     
  4. Restore your Database and foles from your last full backup
     
  5. Remember to edit you configuration files fot the new Database password

Hope this helps,

 

 

I don't know how to do any of that...

Link to comment
Share on other sites

no my password was not like that.. can you tell me how to change my password??

I don't know how to do any of that...

 

 

Login to your hosting control panel and you should be able to change your control panel and ftp password (they are most likely the same)

 

You should also be able to change the password for your database in your control panel. Remember though you are going to need to change it in your configure.php files as well so your site will work.

 

How to change your admin password depends on how you have it protected and the varies from site to site.

The Knowledge Base is a wonderful thing.

Do you have a problem? Have you checked out Common Problems?

There are many very useful osC Contributions

Are you having trouble with a installed contribution? Have you checked out the support thread found Here

BACKUP BACKUP BACKUP!!! You did backup, right??

Link to comment
Share on other sites

no my password was not like that.. can you tell me how to change my password??

I don't know how to do any of that...

 

Well Vicki,

 

There are a number of ways to change the stuff.

 

The easiest of ways is through your web admin panel. I did a quick check to see who your host is, and it looks like oscommerce-solution.com (of whom I am not familiar with) so I don't know what type of panel we're dealing with here. (Side thought- I thought I read something shady about this company a week or so ago about them shutting doors on this forum, not sure though).

 

Anyway you can change your FTP pass thru this panel for sure. Most likely you password protected your admin from this panel as well. Hopefully on your panel as well you have a list of your MySQL databases that list user names and passes for that database. Change those.

 

Then open config.php and update your new user/pass so that you can actively connect to the database.

 

One other thought, if you have access to the web panel and can change the user/pass for the panel itself to that as well.

 

And make them tough!

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...