Jump to content
dev osCommerce
Forum
  • Checkout
  • Login
  • Contact Us
  • Get in touch

osCommerce

The e-commerce.

New Demo
Our Partners

malware on the index pages

MitkoPetrov

By MitkoPetrov
in Security

Recommended Posts

MitkoPetrov

MitkoPetrov

Posted
Posted

Hello all,

 

I need some help solving a malware issue. The index files of the website are infected and I get a malware alert when I try to open a cathegory.

 

The index.html contains a JS/Dldr.Agent.fwe

 

The load.php contains PHP/Pbot.A

 

The index.php file contains a JS/iFrame.FK Java script virus, what should it look like so I can remove it and fix this.

 

I already solved some security treads on the site.

Guest

Guest

Posted
Posted

There is no index.html in osCommerce

 

There is no load.php file in osCommerce

 

The index.php file may have malicious code in it, you will have to check ALL files for malicious code and then check your server for anomalous files.

 

 

 

 

 

Chris

MitkoPetrov

MitkoPetrov

Posted
  • Author
Posted

Here are the first lines of the index.php if it helps:

 

<?php
/*
 $Id$
 osCommerce, Open Source E-Commerce Solutions
 http://www.oscommerce.com
 Copyright (c) 2010 osCommerce
 Released under the GNU General Public License
*/
 require('includes/application_top.php');
// the following cPath references come from application_top.php
 $category_depth = 'top';
 if (isset($cPath) && tep_not_null($cPath)) {
   $categories_products_query = tep_db_query("select count(*) as total from " . TABLE_PRODUCTS_TO_CATEGORIES . " where categories_id = '" . (int)$current_category_id . "'");
   $categories_products = tep_db_fetch_array($categories_products_query);
   if ($categories_products['total'] > 0) {
  $category_depth = 'products'; // display products
   } else {
  $category_parent_query = tep_db_query("select count(*) as total from " . TABLE_CATEGORIES . " where parent_id = '" . (int)$current_category_id . "'");
  $category_parent = tep_db_fetch_array($category_parent_query);
  if ($category_parent['total'] > 0) {
    $category_depth = 'nested'; // navigate through the categories
  } else {
    $category_depth = 'products'; // category has no products, but display the 'no products' message
  }
   }
 }
 require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_DEFAULT);
 require(DIR_WS_INCLUDES . 'template_top.php');
 if ($category_depth == 'nested') {
   $category_query = tep_db_query("select cd.categories_name, c.categories_image from " . TABLE_CATEGORIES . " c, " . TABLE_CATEGORIES_DESCRIPTION . " cd where c.categories_id = '" . (int)$current_category_id . "' and cd.categories_id = '" . (int)$current_category_id . "' and cd.language_id = '" . (int)$languages_id . "'");
   $category = tep_db_fetch_array($category_query);
?>
<h1><?php echo $category['categories_name']; ?></h1>
<div class="contentContainer">
 <div class="contentText">
   <table border="0" width="100%" cellspacing="0" cellpadding="2">
  <tr>
<?php
   if (isset($cPath) && strpos('_', $cPath)) {
// check to see if there are deeper categories within the current category
  $category_links = array_reverse($cPath_array);
  for($i=0, $n=sizeof($category_links); $i<$n; $i++) {
    $categories_query = tep_db_query("select count(*) as total from " . TABLE_CATEGORIES . " c, " . TABLE_CATEGORIES_DESCRIPTION . " cd where c.parent_id = '" . (int)$category_links[$i] . "' and c.categories_id = cd.categories_id and cd.language_id = '" . (int)$languages_id . "'");
    $categories = tep_db_fetch_array($categories_query);
    if ($categories['total'] < 1) {
	  // do nothing, go through the loop
    } else {
	  $categories_query = tep_db_query("select c.categories_id, cd.categories_name, c.categories_image, c.parent_id from " . TABLE_CATEGORIES . " c, " . TABLE_CATEGORIES_DESCRIPTION . " cd where c.parent_id = '" . (int)$category_links[$i] . "' and c.categories_id = cd.categories_id and cd.language_id = '" . (int)$languages_id . "' order by sort_order, cd.categories_name");
	  break; // we've found the deepest category the customer is in
    }
  }
   } else {
  $categories_query = tep_db_query("select c.categories_id, cd.categories_name, c.categories_image, c.parent_id from " . TABLE_CATEGORIES . " c, " . TABLE_CATEGORIES_DESCRIPTION . " cd where c.parent_id = '" . (int)$current_category_id . "' and c.categories_id = cd.categories_id and cd.language_id = '" . (int)$languages_id . "' order by sort_order, cd.categories_name");
   }
   $number_of_categories = tep_db_num_rows($categories_query);
   $rows = 0;
   while ($categories = tep_db_fetch_array($categories_query)) {
  $rows++;
  $cPath_new = tep_get_path($categories['categories_id']);
  $width = (int)(100 / MAX_DISPLAY_CATEGORIES_PER_ROW) . '%';
  echo '	    <td align="center" class="smallText" width="' . $width . '" valign="top"><a href="' . tep_href_link(FILENAME_DEFAULT, $cPath_new) . '">' . tep_image(DIR_WS_IMAGES . $categories['categories_image'], $categories['categories_name'], SUBCATEGORY_IMAGE_WIDTH, SUBCATEGORY_IMAGE_HEIGHT) . '<br />' . $categories['categories_name'] . '</a></td>' . "\n";
  if ((($rows / MAX_DISPLAY_CATEGORIES_PER_ROW) == floor($rows / MAX_DISPLAY_CATEGORIES_PER_ROW)) && ($rows != $number_of_categories)) {
    echo '	  </tr>' . "\n";
    echo '	  <tr>' . "\n";
  }
   }

 

When I ran a website check it found a

Suspicious Inline Scripts running:

 

function createCSS(selector,declaration){var ua=navigator.userAgent.toLowerCase();var isIE=(/msie/....

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...