Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

My site hacked by "Hack Haber"...


Shuen

Recommended Posts

The main page of my site has directly dump to a site called "Hack Haber classhaber".

I checked the files everything seems OK, but I'm not able to go to the OSC admin page, It shows a 404 error.

and the index page of OSC just jump to the "install" folder and shows a 500 error.

(The install folder was already removed when I finish the OSC installation.)

I'm afraid the hacker steal my database so I didn't upload the install folder to fix this problem.

I already deleted all the mySQL data to keep all the infomations are in safe.

 

Before I re-install my site, I have some question.

I checked the .htaccess . It seems normal. I upload a new htaccess file, try to point the main page(www.pupapa.com)to the OSC folder.

But It still jump to the hacker' site.

Even I create a new folder and upload a blank index.html page, It still shows 404 error.

How can they wound my domain name? and How Can I fix it?

Link to comment
Share on other sites

there must be a vunerability in your folders then, i do not see how hackers would gain access to your admin area if it is htaccess protected.

another possibility is that the hack was there prior to these being installed,

Nic

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

Before I re-install my site, I have some question.

I checked the .htaccess . It seems normal. I upload a new htaccess file, try to point the main page(www.pupapa.com)to the OSC folder.

But It still jump to the hacker' site.

Even I create a new folder and upload a blank index.html page, It still shows 404 error.

How can they wound my domain name? and How Can I fix it?

 

You might need to check higher up in the directory hierachy. Check in the main user directory. For example if the path to your shop directory is /home/yourusername/public_html/shop then have a look in yourusername directory for htaccess files.

- Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)
- Another discussion about infected files ::here::
- A discussion on file permissions ::here::
- Site hacked? Should you upgrade or not, some thoughts ::here::
- Fix the admin login bypass exploit here
- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes
- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX

Link to comment
Share on other sites

Thanks for the response.

I already asked the hosting company to clear everything of my account, included the username directory.

But the result shows the index page of my site still affecting by the hacker,

and I have no idea what can I do next...

Link to comment
Share on other sites

Have you made sure all the code has gone from your files?

By the sounds of it the answer is no, you need to do this and then sceure your site properly.

Also do as suggested above and check top levels for htaccess redirects

Nic

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

Thanks Taipo and Fimble,

 

My hosting just do a deep clear for me, and the problem is already solve.

But I still have no idea which file cause the problem...

and any suggestion to protect the files in the username directory?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...