tim_o_boy Posted April 27, 2004 Posted April 27, 2004 Just been watching someone trying to hack a site I've done with osCommerce, but not totally sure what they're trying to do. Watching it through whos_online.php. They've got maybe 20 entries in there with the same IP address. Most of the entries are on login.php?osCsid= and then many different session ids. Then a legitimate customer bought something which can be seen with a certain url in who's online. Very quickly the hacker had the same successful purchase url as the real customer. login.php?osCsid=....... went crazy again but after 10 minutes this intruder went away all together. I also noticed at one point that they had gone through the setting up of an account but it doesn't show up anywhere and they still show up as Guest. Any ideas on what's happening and any dangers we may have?
fishy Posted April 27, 2004 Posted April 27, 2004 t-o-b. did you trace the ip to ensure that is not a bot ? best.
tim_o_boy Posted April 28, 2004 Author Posted April 28, 2004 The ip just shows up as within a range used by an isp in a different country from me. I guess I'm alone in having this kind of problem.
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.