ecigaxc Posted September 7, 2011 Posted September 7, 2011 Hi, so I've been hack a few days ago, I found a few corrupted files on my webstore, these one: htaccess file with that code: php_value auto_append_file /home/USERNAME/public_html/Thumbs.db a thumb file and a cookie_setup.php file with a code like that: @eval(base64_decode" So I made a search on notepad with all my files open and tried to find all files with "@eval(base64_decode" but except these files I didn't find anything. So my question is, how can I be sure that there is not any corrupted files/codes on my store anymore ? (And yes now my website is secure, I followed the post "how to secure your website...").
Guest Posted September 7, 2011 Posted September 7, 2011 Common hack code includes 'Decode', 'base64' and 'eval'. You should search for those terms. HOWEVER, some contributions do have eval and decode in them so not all instances will be hacked code. If you have installed the 5 'must have' contributions, then site monitor will help in identifying additional problems. Chris
jmose Posted September 9, 2011 Posted September 9, 2011 Also, your data tables might have been hacked too. Check your 'configuration' table to see if it has injected data. Back in March, I found my STORE_PARSE_DATE_TIME_FORMAT value had been changed to include PHP scripting. HTH, Jim
andes1 Posted September 26, 2011 Posted September 26, 2011 read this . http://www.oscommerce.com/forums/topic/368746-had-3-sites-hacked-what-to-do/ Axioma gave an advise about how to, he got this from a site that had a list of 5000 or more of oscommerce stores hacked (of course this list was deleted here, the forum). Anyway, the advise was too helpful to my some time ago
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.