
Oscommerce Security - Osc_Sec.php


Taipo


Is there a way of disabling the osc_sec cookie check?

 

I often receive this message - even though it's clearly not a hacker attempt: "osC_Sec detected malicious cookie content..."

 

And since I use IP trap, the IP is banned.

 

Thanks!



In the latest version of osc_sec.php, find:

      $this->cookieShield();

 

and replace with:

#     $this->cookieShield();

- Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)
- Another discussion about infected files ::here::
- A discussion on file permissions ::here::
- Site hacked? Should you upgrade or not, some thoughts ::here::
- Fix the admin login bypass exploit here
- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes
- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX


Try this version out Burt.

 

http://pastebin.com/Hn2ifX6U

 

( grab the code from the raw paste data at the bottom )

 

Let me know if that sorts the issue, if so I will post an update.


The only bits to edit now are in osc.php file which is in the zip file in the includes directory along with osc_sec.php

 

In fact you do not need to edit anything if you just want to add it, however if you want to ban ip addresses and such then osc.php is the file you want to look in. Check the readme.htm file for more on editing the settings.


osC_Sec 5.0.1

 

What's New?

- Added extra checks in $checkfilename

- Fixed an issue where filenames contain an extra '.', i.e. file.name.php

- Fix phpSelfFix() function

- Fixed whitespace issue with $this->_httphost

- More additions to the dbShield() function to protect against database injection attempts

- Fixed a number of issues with dbShield() to prevent false positives

- Removed base64_decode aspect of dbShield() due to it causing errors in some configurations

- More additions to getShield() function to detect local file read attempts

- Remake of the postShield() function

- Remake of the cookieShield() function

- Fixed an error in ipTrapped()

 

New Install instructions: see the readme.htm, as per usual, all updates contain the complete package

 

Updating:

Replace the osc_sec.php file in your catalog's /includes/ directory with the one in the /includes/ directory of this zip file.

 

Please report any bugs to the discussion forums at http://goo.gl/dQ3jH or email [email protected]

 

Download from: http://addons.oscommerce.com/info/8283


Hi Taipo

 

Google & Babel translate do not work on my site anymore, could the OSC SEC contribution be stopping it from working?

 

I also have Security Pro 2.0 installed.

 

These are the characters Google uses

http://translate.google.com/translate?hl=en&sl=en&tl=sq&u=http%3A%2F%2Fwww.oscommerce.com%2F

 

And this is what Babel uses

 

http://babelfish.yahoo.com/translate_url?doit=done&tt=url&intl=1&fr=bf-home&trurl=http%3A%2F%2Fwww.oscommerce.com%2F&lp=en_nl&btnTrUrl=Translate

 

I added % and & and = to the Security Pro whitelist but the translation from these pages comes back as

 

blank page for Google and with an

 

error(0) for Babel


I have a similar problem with Google Translate, my page loads fine but it reports the following error at the top of the page:

 

Warning: file () [ function.file ]: Emri nuk mund të jetë bosh në / home / mydomain / public_html / përfshinë / osc_sec.php on line 675


What does " Emri nuk mund të jetë bosh në" mean PT?


I have no idea, I just click on a random language, but the original error message is:

 

Warning : file() [ function.file ]: Filename cannot be empty in /home/mydomain/public_html/includes/osc_sec.php on line 675

 

Warning : Cannot modify header information - headers already sent by (output started at /home/mydomain/public_html/includes/osc_sec.php:675) in /home/mydomain/public_html/includes/functions/general.php on line 1355


Try this version Ricardo

http://pastebin.com/RGWKExAq

 

Let me know how it goes.


You can also try this as it could be associated with the way osC_Sec deals with post form data.

 

Find these two lines:

 

 
  # check _POST variables against the blacklist
  $this->postShield();

 

and replace with:

 
  # check _POST variables against the blacklist
  # $this->postShield();

 

Let me know if that helps

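The fix above comments the shield call out entirely, which also removes the protection for everyone. As an added example (not osC_Sec's own code; the RequestShield class, its setting keys and the sample cookie and POST values are all constructed), here is how a shield can be switched per check from a settings array and run in a log-only mode, so a false positive like the ones reported in this thread is recorded instead of banning the visitor's IP:

```php
<?php
// Added example, not osC_Sec's own code. RequestShield, the $settings keys and
// the sample cookie/POST values below are constructed for illustration only.

class RequestShield
{
    private $settings;
    private $log = array();

    public function __construct(array $settings = array())
    {
        // Each check has its own switch, and detection can be log-only:
        // turning a check off here replaces commenting out $this->postShield().
        $this->settings = array_merge(array(
            'cookie_shield' => true,
            'post_shield'   => true,
            'ban_on_detect' => false,   // false = log the hit, do not ban the IP
        ), $settings);
    }

    // Run only the enabled checks and return the list of hits. The caller
    // decides whether to ban by asking shouldBan().
    public function run(array $cookies, array $post)
    {
        $hits = array();
        if ($this->settings['cookie_shield']) {
            $hits = array_merge($hits, $this->scan('cookie', $cookies));
        }
        if ($this->settings['post_shield']) {
            $hits = array_merge($hits, $this->scan('post', $post));
        }
        return $hits;
    }

    public function shouldBan(array $hits)
    {
        return $this->settings['ban_on_detect'] && count($hits) > 0;
    }

    // Deliberately tiny blacklist, only to show the flow. A real list is much
    // longer, and that is where false positives come from.
    private function scan($source, array $values)
    {
        $patterns = array('/<script\b/i');
        $hits = array();
        foreach ($values as $name => $value) {
            if (!is_string($value)) {
                continue;
            }
            foreach ($patterns as $pattern) {
                if (preg_match($pattern, $value)) {
                    $hits[] = array('source' => $source, 'name' => $name);
                    $this->log[] = sprintf('%s suspicious %s[%s]', date('c'), $source, $name);
                }
            }
        }
        return $hits;
    }

    public function getLog()
    {
        return $this->log;
    }
}

// Constructed sample input: a benign session cookie plus a normal checkout
// form post, with the POST check turned off as the thread suggests.
$shield  = new RequestShield(array('post_shield' => false));
$cookies = array('osCsid' => 'abc123', 'lang' => 'sq');
$post    = array('payment' => 'cod', 'comments' => 'deliver after 5pm');

$hits = $shield->run($cookies, $post);
printf("hits: %d, ban: %s\n", count($hits), $shield->shouldBan($hits) ? 'yes' : 'no');

// A cookie that does match the blacklist is still reported, but only logged
// because ban_on_detect is false.
$hits = $shield->run(array('ref' => '<script>x</script>'), array());
printf("hits: %d, ban: %s, log lines: %d\n", count($hits),
       $shield->shouldBan($hits) ? 'yes' : 'no', count($shield->getLog()));
```

Running a new rule set in log-only mode for a few days before enabling the ban is the usual way to catch false positives such as the translation-proxy and checkout-form cases in this thread without locking legitimate customers out.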

It is not needed due to the fact that there are no known security issues with 2.3.1, however it doesn't hurt to install it.


Taipo, if you could help out with an issue that apparently osc_sec is causing it would be appreciated.

 

With one of the latest updates, there apparently is an effect on an action on a page what Jack_MCS calls, "It is just a normal form update page" that affects that update in the administrative side of Header Tags SEO.

 

Specifically, when you select a keyword that is displayed on a table on the page, and click the appropriate activator, the intended delete action doesn't occur. I disable osc_sec in admin and the action then works. Another user, tried rolling back a version or two of osc_sec and that corrected the issue for him as well.

 

I wish I could be more descriptive of the actual code that is affected, but I don't know the coding well enough to figure it out. But it appears one of the last version or two of osc_sec is causing this.

 

Any hunches based on what I provided? Thanks

I am not a professional webmaster or PHP coder by background or training but I will try to help as best I can.

I remember what it was like when I first started with osC. It can be overwhelming.

However, I strongly recommend considering hiring a professional for extensive site modifications, site cleaning, etc.

There are several good pros here on osCommerce. Look around, you'll figure out who they are.


Try following the instructions at my previous post and let me know if that fixes the issue.


Try following the instructions at my previous post and let me know if that fixes the issue.

 

That was the issue. After commenting out as above, the issue is resolved. Thank you


osC_Sec 5.0.2

 

What's New?

- Fixed issues causing conflicts with some addons concerning the postShield() function

 

New Install instructions: see the readme.htm, as per usual, all updates contain the complete package

 

Updating:

Replace the osc_sec.php file in your catalog's /includes/ directory with the one in the /includes/ directory of this zip file.

 

Please report any bugs to the discussion forums at http://goo.gl/dQ3jH or email [email protected]

 

Download from: http://addons.oscommerce.com/info/8283


Taipo, I downloaded the latest but the problem came back again, so I changed that line of code to

# $this->postShield();

and the issue is resolved again.

FYI


hey Taipo,

 

I have the same problem with the new version, my checkout page still will not let me pass the payment selection page and I changed # $this->postShield(); and it fixed the problem as well. Looks like everyone has a problem with this function.


Try this one PT, I have removed the postShield function for now.

http://pastebin.com/RELeMuXL

