Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Contribution: SysCheck for osCommerce


swguy

Recommended Posts

This contribution provides a quick way to assess your site's security and check for possible hacks by checking the following:

 

* the presence of admin/file_manager.php

* admin users

* php scripts in the images directory

* directories with permissions other than 0x755

* php files which include "eval" (this is an known exploit vector).

* files with permissions other than 0x644

 

Download here:

http://addons.oscommerce.com/info/7026

Contributions: Better Together and Quantity Discounts for osCommerce 2.3.x and Phoenix. See my profile for more details.

Link to comment
Share on other sites

  • 1 month later...

SysCheck has been updated to do more extensive tests for scripts in unexpected places; in addition to checking for .php files, it now checks for .pl, .py and .cgi filetypes.

 

Download here:

http://addons.oscommerce.com/info/7026

Contributions: Better Together and Quantity Discounts for osCommerce 2.3.x and Phoenix. See my profile for more details.

Link to comment
Share on other sites

  • 6 months later...

After running the syscheck by entering the address in the browser window, I get a large list of files under Files with incorrect permissions. Vast majority is the images. The permissions for such images, is set at 755. It is my understanding this is correct.

 

So why does syscheck show them having incorect permission code? The only way I found to have not be listed under Files with incorrect permissions is by setting the image to 444.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...