
osCommerce


new one to me, attack?


Guest


I've sorted out most or all security issues with v2.2rc, but I've just had an IP from Japan look for about 20 pages on my site at once:

 

product_info.php?products_id=48%20And%20(Select%201%20From(Select%20Count(*),Concat(CHAR%20(58,58,58),(Select%20Schema_Name%20From%20Information_Schema.%20Schemata%20Limit%200,1),floor(rAnd(0)*2),CHAR%20(58,58,58))x%20From%20Information_Schema.%20Tables%20Group%20By%20x)a)%20

 

Now, because it's looking at a product with all that crap after it, it does show the product. Normally, when I had attacks looking for back doors like login etc., it threw them to the page-not-found page.

 

This doesn't.


It's a (blind) SQL injection... an attempt to extract information about the database structure.

 

In some outdated prepackaged versions of osCommerce, that particular injection attempt might actually work. ALLPC osCommerce for example used to be vulnerable to database information attacks of that genre.

 

If you are concerned about attackers probing your site for vulnerabilities, then take a look at the latest version of osC_Sec:

http://addons.oscommerce.com/info/7834

 

There is a new section in the security addon specifically dedicated to database injection attempts.

- Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)
- Another discussion about infected files ::here::
- A discussion on file permissions ::here::
- Site hacked? Should you upgrade or not, some thoughts ::here::
- Fix the admin login bypass exploit here
- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes
- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX

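As the first post notes, this probe came back with the normal product page (HTTP 200), so counting page-not-found hits would never have surfaced it. The following added example (not code from the thread or from osC_Sec) shows a small log check that flags requests where a parameter osCommerce only ever uses as an integer, such as products_id, carries anything other than digits; the log lines and IPs are constructed, and the list of integer parameters is an assumption to adjust for your store.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote_plus

# Constructed sample access-log lines (not from the thread); the second
# request carries the probe quoted above, the others are ordinary traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Jan/2011:10:00:01 +0000] "GET /product_info.php?products_id=48 HTTP/1.1" 200 5120
203.0.113.9 - - [10/Jan/2011:10:00:02 +0000] "GET /product_info.php?products_id=48%20And%20(Select%201%20From(Select%20Count(*),Concat(CHAR%20(58,58,58),(Select%20Schema_Name%20From%20Information_Schema.%20Schemata%20Limit%200,1),floor(rAnd(0)*2),CHAR%20(58,58,58))x%20From%20Information_Schema.%20Tables%20Group%20By%20x)a)%20 HTTP/1.1" 200 5120
203.0.113.9 - - [10/Jan/2011:10:00:03 +0000] "GET /index.php?cPath=22 HTTP/1.1" 200 3000
"""

# Query parameters that osCommerce treats as integers (assumption: extend for your store).
INT_PARAMS = {"products_id", "cPath", "manufacturers_id", "currency_id"}

# Common log format: ip ident user [time] "METHOD url PROTO" status size
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) (\d+|-)')
SQL_RE = re.compile(r"\b(select|union|information_schema|concat|group\s+by|sleep|benchmark)\b", re.I)

def inspect_request(url):
    """Return a list of (parameter, reason) findings for one request URL."""
    findings = []
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    for name, values in query.items():
        for raw in values:
            value = unquote_plus(raw)  # parse_qs decoded once; decode again to catch double-encoding
            if name in INT_PARAMS and not value.strip().isdigit():
                findings.append((name, "non-numeric value in integer parameter"))
            if SQL_RE.search(value):
                findings.append((name, "SQL keywords in parameter value"))
    return findings

def scan_log(text):
    """Return one record per request that trips a check; status is kept to show 200s are not clean."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not parse as common log format
        ip, _ts, _method, url, status, _size = m.groups()
        findings = inspect_request(url)
        if findings:
            hits.append({"ip": ip, "url": url, "status": int(status), "findings": findings})
    return hits

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit["ip"], hit["status"], hit["findings"])
```

Pair the flagged IPs with a request-rate count to catch the "20 pages at once" pattern described in the first post.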

Archived

This topic is now archived and is closed to further replies.
