Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Hacked by GHoST61 please help


allofthepeople

Recommended Posts

From what I have read ... apparently in most cases all that happens is an index.html file is uploaded to your server and hence when trying to access your front page this shows up...try accessing your site but add /index.php at the end and see if that has been affected also (also try other pages /privacy.php /login.php, etc) ... also read up on security through the forums...biggest flaw is the GET variables and folder permissions (777 on /images/ and /backups/ is a big risk ...) have a read through the forums.

Link to comment
Share on other sites

From what I have read ... apparently in most cases all that happens is an index.html file is uploaded to your server and hence when trying to access your front page this shows up...try accessing your site but add /index.php at the end and see if that has been affected also (also try other pages /privacy.php /login.php, etc) ... also read up on security through the forums...biggest flaw is the GET variables and folder permissions (777 on /images/ and /backups/ is a big risk ...) have a read through the forums.

 

/index.php is hacked as well all other files are fine. also the other topic just tells why. i need to know if there is any simple way to rebuild the index.php without having to redo any of the other parts of the site. or is there even a way to restore it?

Link to comment
Share on other sites

before you even think about rebuilding you should figure out for sure how they got in first.

 

if you go ahead and rebuild without doing that, you could potentially destroy evidence that leads you to your answer.

and, if you don't fill the hole they found.. they will just come back and do it all over again... which is putting you in a never-ending cycle of fixing things.

Link to comment
Share on other sites

are you certain that's how they got in? you can't really go on what happens to others as a total solution.. different environments offer different possible vulnerabilities.

 

restoring the index is just as simple as moving the most recent backup.

if you don't have a backup... you're in for a lot of wasted time. :)

Link to comment
Share on other sites

ive just started working on this site tonight for a friend to help him fix it. the priority is to get it back up and running, i understand the risks of another hack. i restored the most recent backup some reason late 2006 (i dont know why it wasn't sooner) and was going to attempt to copy that index.php and then copy that back once i restored it to the backup i made today but some reason when i tested the older restored index.php it is showing hacked as well. does the database restore not restore index.php?

Link to comment
Share on other sites

the database restore only restores the data. (customer data: shipping / address book, order details, etc.)

 

if you're trying to restore index.php, you'll probably need an ftp client to do that. it's just a matter of logging into the ftp server and dragging the file from your desktop.

 

if your friend has only a backup from 2006 and restored a database from then... he probably lost any orders that were placed between 2006 and today.

 

 

 

if his backup of index.php from 2006 is also hacked... there's probably a lot more things wrong with his site than he's telling you. it would probably be less work to start from scratch.

Link to comment
Share on other sites

starting a new index.php and just editing it to match would probably be a good idea if you don't have a backup. shouldn't be too difficult if you're semi familiar with html or php.

 

the database backup stores all of the product details except the images. those are stored in /images.

 

do you have something like cpanel? if so, it wouldn't hurt to do a monthly backup.. this would save all of your files like index.php to your desktop. there's a backup button you click and offers a few different methods of backing up.

Link to comment
Share on other sites

well i went to webarchive.com and found the old one and copied it. but now there is another problem i think i remember seeing before the crack. no matter where in the site when you click a category they all take you back to the home page of the catalog????

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...