Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Site hacked, index page changed


rforeman

Recommended Posts

The purpose of this post is primarily to report an attack that may be made through OSCommerce in case others have the same problem.

 

We're running OSCommerce 2.2 MS2 (060817) here: http://www.kingwestflowers.com/catalog/. We also have a brochure site here: http://www.kingwestflowers.com/. Only the brochure site index page has been hacked.

 

On Thursday, October 18 our site was hacked and the index page changed. We repair it daily but it reoccurs daily at 5:30 am.

 

Our host tells us to upgrade OSCommerce.

 

We discovered this exploit: http://www.frsirt.com/english/advisories/2005/0171, and have fixed it with this fix: http://www.oscommerce.com/community/contributions,2976.

 

If anyone has experienced the same attack and has found a solution we would appreciate your advice.

 

Sincerely

 

Ron

Ron Foreman

EmpowerYou

(647) 999-8543

Skype: RonForeman

Link to comment
Share on other sites

  • 1 year later...

The reoccurence is likely to occur because of files still left on your server which are not your own. I suggest that you completely wipe your website from the server. Make sure that any hidden files are also wiped.

 

Then carefully upload a clean backup. Check that any files you upload are actually yours.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...