osCommerce

OS comm. hacked


mattwine

Hi,

Does anyone know anything about shop fronts being hacked and defaced by

h4ck3d By 3sRaR

I have done a loose search on the web, and this seems to have happened a lot to osCommerce.

I suspect I need to run updates (shop probably 1 1/2 years old).

More to the point, they hacked every site I have....

So, does anyone know about this hack and how to stop it? Also, I'm guessing, but I don't suppose there is an easy way to find out IPs etc.

Thanks for any help. Sorry if this post is a bit disjointed, but I am still in a state of shock.... and dealing with irate customers...

mattwine


Well, I don't know if this has anything to do with it, but I looked at several of the sites listed in Google and they had this at the top:

Warning: Installation directory exists at: /blah/local/home/blah/blah/blah/catalog/install. Please remove this directory for security reasons.

Where is your site?


Hi Mike,

My site is at

http://www.fastnetsoftware.co.uk/shop/catalog/index.php

I will check my FTP also and see if the directory has been reinstalled.

What is worrying is that they got access to my account, so I'm trying to get an understanding of how and why this happened, so that I can stop it.

Thanks,

Matt

 

 


There is a security issue with OSC, but the latest update resolved this. Update your store to OSC MS2.2 Update 060817, provided you have already done the 051113 update.


My site was hacked a while ago and it turned out the hackers got into the server on which my pages are hosted. All other sites hosted on that server got hacked too. It happened on the night my provider decided to update the PHP install and to allow fopen() etc. According to them, this is how they got into the server, and as a result this and some other functions are disabled again.

 

abra

The First Law of E-Commerce: If the user can't find the product, the user can't buy the product.

 

Feedback and suggestions on my shop welcome.

 

Note: My advice is based on my own experience or on something I read in these forums. No guarantee it'll work for you! Make sure that you always BACKUP the database and the files you are going to change so that you can rollback to a working version if things go wrong.


Well, I just realized that my admin folder was not password protected. I put an htaccess password on it and it is now, but I went and looked at a few sites that were also hacked by h4ck3d By 3sRaR and I noticed that their admin was not password protected. I don't remember for sure, but I don't think the admin folder is protected by default. I think it does tell you to do that in the installation instructions though. I guess I just never did it. Are you sure your admin folder is password protected?


I'm absolutely sure that my admin is protected. It was one of the first things to put .htaccess in place. Next I installed the admin login contrib and a mod so that you can't use the back button to get back in. Anyway, they didn't get in through my shop. They used another way into the server and then had admin rights and could change all the hosted pages without needing my passwords for my hosting panel. Changed all my database and FTP passwords though, as the DB one is in plain text in the configure files, which were readable to them.

 

abra

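The three things posters in this thread checked (a leftover install directory, an admin folder without .htaccess password protection, and configure.php files readable by other accounts) can be audited with a short script. This is an added example, not part of any reply above and not osCommerce code; the paths assume the stock layout (install/, admin/ and includes/configure.php under the catalog directory), and the function name audit_catalog is made up for illustration.

```shell
#!/bin/sh
# Added example: audit one osCommerce catalog directory for the three
# weaknesses raised in this thread. Paths assume the stock MS2.2 layout
# (install/, admin/, includes/configure.php); adjust if yours differs.

# audit_catalog DIR: prints one line per finding, returns 1 if any were found.
audit_catalog() {
    root=$1
    rc=0

    # 1. Installer left on the server (the storefront warning quoted above).
    if [ -d "$root/install" ]; then
        echo "FAIL install directory present: $root/install"
        rc=1
    fi

    # 2. admin/ needs an .htaccess that actually demands a login.
    ht="$root/admin/.htaccess"
    if [ ! -f "$ht" ]; then
        echo "FAIL no .htaccess in $root/admin"
        rc=1
    elif ! grep -qi '^[[:space:]]*AuthType' "$ht" ||
         ! grep -qi '^[[:space:]]*Require' "$ht"; then
        echo "FAIL $ht has no AuthType/Require directives"
        rc=1
    fi

    # 3. configure.php stores the DB password in plain text. World-readable
    #    or world-writable copies expose it to other accounts on a shared
    #    host. (Assumption: your host lets PHP read files without o+r.)
    for cfg in "$root/includes/configure.php" \
               "$root/admin/includes/configure.php"; do
        [ -f "$cfg" ] || continue
        if [ -n "$(find "$cfg" \( -perm -004 -o -perm -002 \) -print)" ]; then
            echo "WARN readable or writable by other users: $cfg"
            rc=1
        fi
    done
    return $rc
}

# Usage: sh audit.sh /path/to/catalog
if [ $# -gt 0 ]; then
    audit_catalog "$1"
fi
```

A clean result here only covers these three points; it says nothing about the server-level compromise described in the last reply.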

Archived

This topic is now archived and is closed to further replies.
