Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Hack attempt - is there a way to prevent this?


Guest

Recommended Posts

1 hour ago, JcMagpie said:

Both blocked by server with 403 error page.

Not sure now as was able to bypass 403 with simple mod to ascii and hex. layout gets messed up both in shop and admin and ends up in db.

search  accepted input.  I would say not a big issue but for the fact that I see fake accounts every day. Jack's honey pot has them down to 5 or 6 per attack per day but they still get in. Here is a typical example, filtering them out is nearly imposiable as they use real email address which  clearly don't belong to them.

image.png.79db48a4e12fe56e8b0b1dae8d92a74c.png

image.png.6bf7b285cd2d3fe99bdc603da369f4f3.png

as did make account

image.png.fb59d3c5543ea874c52d519270bb153e.png

image.thumb.png.ccebba9ea63504c1996151db6f81bbf4.png

admin takes input and output the rubbish.

image.thumb.png.6901722a7a9b7255edab2cd3401843fb.png

as will the db,

image.thumb.png.2ae71e21003232b520a803146bdb9198.png

 

Link to comment
Share on other sites

  • Replies 50
  • Created
  • Last Reply

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...