Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Website Hacked, please help


75Designs

Recommended Posts

My website was hacked by bruce of "1923 TURK GRUP". The index.php file in catalog was deleted and an index.html page was added in. The page said hacked by bruce of 1923 TURK GRUP and then some more text that seemed to be turkish.Couldn't find a translator for it. Anyways my admin section is passworded as well as all ftp accounts. I'll change all of my passwords as well as the e-mail password that the accounts are linked to.

 

Anyone seen this before? any clue where they slipped in? maybe a security patch to prevent this?? Thanks a lot.

Link to comment
Share on other sites

Do you have the latest updates unstalled? If this is an older version there is a security hole in the contact us. Download the latest version and follow the step by step update in the "update-20060817.txt"

Link to comment
Share on other sites

oscommerce2.2-MS2 and oscommerce-2.2ms2-060817 only say 2.2ms2 in your application_top.php and your server report, the only way to tell which version you have is to compare the files that were updated in the June 07 version.

 

My guess is that your server was hacked and that is why only your index.php file was deleted and the hacker placed a html index in its place. You still need to find out if you have an updated version.

 

 

 

I am running:

osCommerce 2.2-MS2

PHP Version 4.3.11

Linux 2.6.19.2-UP

MySQL 4.1.20-max-log

Link to comment
Share on other sites

I've had this same message on non-oscommerce sites.

I found that the actual "home" page was not deleted...they just added other Home pages (ending in html, htm, asp, etc).

Just re-upload the real index.php page and delete the other pages it put up there. Contact your hosting company and let them know they got through.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...