Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Modified files


mxboxalicante

Recommended Posts

Estimated companions, I go a few weeks in which I am more time restoring backups of oscommerce that with my family. Practically every day when i type my web page I have messages of this type:

 

Fatal error: Call to a member function add_current_page() on a non-object in /web/htdocs/www.mxboxalicante.com/home/catalog/includes/application_top.php on line 325

 

Every day of a different file

 

I have been putting all the safety addons that I have could but this is still equal. What do you think that can be, have stolen the password of the ftp from me? and are modifying me my .php files from ftp?

 

Today in the morning for example tape-worm 11 files modified of them 2:30 of the dawn

 

Best Regards

Link to comment
Share on other sites

Your cookie_usage.php file is infected with a code that allows an attacker to upload files and overwrite files. Restore the original file.

- Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)
- Another discussion about infected files ::here::
- A discussion on file permissions ::here::
- Site hacked? Should you upgrade or not, some thoughts ::here::
- Fix the admin login bypass exploit here
- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes
- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX

Link to comment
Share on other sites

add_current_page()  error suggest that your session variables is not a global variable.

 

Apply register globals patch.

 

 

 

 

Satish

 

 

Ask/Skype for Free osCommerce value addon/SEO suggestion tips for your site.

 

Check My About US For who am I and what My company does.

Link to comment
Share on other sites

If you go to http://www.mxboxalicante.com/catalog/cookie_usage.php?cookies=1 you can see there is a message displayed:

Goog1e_analist_certs

v..1

 

To the attacker this means they can exploit this file to overwrite any file on your server, check file permissions of other files, read file content, and upload any file they choose. I wrote an explaination of this here.

 

There is no security change you can make that can prevent them exploiting this file in this manner. You need to find an original install of cookie_usage.php and restore it to your site. This current file probably had code appended into it before you patched your site with security changes.

- Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)
- Another discussion about infected files ::here::
- A discussion on file permissions ::here::
- Site hacked? Should you upgrade or not, some thoughts ::here::
- Fix the admin login bypass exploit here
- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes
- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...