Mr.Black Posted November 24, 2009 Posted November 24, 2009 hi@all im under an hacker attack, i know that he can join my admin pannel and do what he want. Heres my info: im using osCommerce Online Merchant v2.2 RC2a, PHP Version 5.2.8 , Server: Apache , hosting linux, Database: MySQL 5.0.67 , hosted with godaddy. i know that the bug is in oscommerce, so i changed all my admin pannel (i was using the original one of 2.2rc2a) with this contribution: -Administration Access Level Accounts 2.0 of 15 Nov 2009 - Link: http://addons.oscommerce.com/info/1359 and i fixed also the Whos online Vunerability - with this contribution: http://addons.oscommerce.com/info/6536 but the problem is still there... the hacker is still able to join my admin pannel... all my password (ftp, db, admin etc) are random, 13+ characters both numbers and letters... here the last screenshot that he this hacker sent me: http://i50.tinypic.com/2d9a934.png as you can see there is the list of all my orders, he can do what he want...... and i really don't know how. i checked all my file permissions and are all correct. any solution? i really need help with urgent. thanks for your support.
web-project Posted November 24, 2009 Posted November 24, 2009 need to rename the admin folder and almost all file and re-check the code as it probably was hacked. Please read this line: Do you want to find all the answers to your questions? click here. As for contribution database it's located here! 8 people out of 10 don't bother to read installation manuals. I can recommend: if you can't read the installation manual, don't bother to install any contribution yourself. Before installing contribution or editing/updating/deleting any files, do the full backup, it will save to you & everyone here on the forum time to fix your issues. Any issues with oscommerce, I am here to help you.
Mr.Black Posted November 24, 2009 Author Posted November 24, 2009 hi im checking it with a my backup using winmerge, i will rename the admin folder too but i dont think it will block this hacker, any other suggestion?
♥geoffreywalton Posted November 24, 2009 Posted November 24, 2009 There is a link to a security patch for the admin area in my useful links thread below and another to suggestions from spooks on what you need to do to totally secure your site. You could also try this in google site:www.oscommerce.com/forums hack display:none G. Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile Virus Threat Scanner My Contributions Basic install answers. Click here for Contributions / Add Ons. UK your site. Site Move. Basic design info. For links mentioned in old answers that are no longer here follow this link Useful Threads. If this post was useful, click the Like This button over there ======>>>>>.
Guest Posted November 26, 2009 Posted November 26, 2009 try to password protect your admin folder using cpanel password protect directories.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.