Loaded Commerce Community



Board index » CRE Loaded Support » CRE Loaded 6.2

All times are UTC - 5 hours




Post subject: security issues? Help..
Posted: Sat Jun 04, 2011 2:15 am
CRE Newbie

Joined: Tue Mar 22, 2011 3:58 pm
Posts: 2
I found these hacked PHP files in my /public_html directory

bots.php
byroe.php
hax0r.php
mail.php
main.php
osh.php
read.php
sempak.php
view.php

in the /public_html/images directory

SSpread.php
ShadowXphp
ShadowID.php
Shadow.php
Ps-X.php
break.php
bots.php
bad.php
about.inc.php
about.php
aa.php

Don't know how they got there. The files all have very recent dates; compared to my backup files, they don't belong, so I deleted them.

Can someone tell me how to patch this security hole? (I already patched admin/includes/application_top.php last year)


Post subject: Re: security issues? Help..
Posted: Sat Jun 04, 2011 10:23 pm
CRE Legend

Joined: Thu Jun 12, 2008 6:39 am
Posts: 2405
Location: New Zealand
I wrote a few ideas down here to improve basic security of your store:
http://www.codemehappy.com/2010/11/top- ... -security/

If you want the convenience of being able to upload image files to /images through the admin then there's a reason anyone else can too. The main thing is disabling any script from executing once it's there using htaccess.
None of the list will stop a determined hacker, but as most attempts are just automated bots anyway, they should provide some help.

Simon

_________________
www.codemehappy.com
For Cre Loaded tips, how-to articles and more


Post subject: Re: security issues? Help..
Posted: Sun Jun 05, 2011 8:42 am
CRE Newbie

Joined: Tue Mar 22, 2011 3:58 pm
Posts: 2
For now, I added a password for the /admin folder. Will that work just as well?


Post subject: Re: security issues? Help..
Posted: Tue Jun 28, 2011 3:05 pm
CRE Legend

Joined: Sun Nov 09, 2003 1:00 am
Posts: 7301
Location: Baconton, GA USA
No.

This type of file distribution indicates that the cracker had access to either FTP, a control panel file manager, a working back door with access to the full web space (everything below public_html) or the store admin file manager.

Change FTP and control panel file access credentials, change the admin login, do a full file set cleanup, remove the admin file manager and define languages tools, apply the php_self patch and install SSL. That should get you started.

David

_________________
My CRE Loaded FAQ List
CRE Loaded Hosting
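
The backup comparison described in the first post, and the "full file set cleanup" step in the reply above, can be scripted so that nothing is missed by eye. This is an added example, not code from the thread or from CRE Loaded; the extension list, the `images` upload directory name and the constructed sample tree in `demo()` are assumptions.

```python
import hashlib
import tempfile
from pathlib import Path

# Assumption: extensions a PHP-enabled web server may execute.
SCRIPT_EXTS = {".php", ".php5", ".phtml"}
# Assumption: directories that should only ever hold uploaded media.
UPLOAD_DIRS = {"images"}

def manifest(root):
    """Map relative path -> SHA-256 digest for every file under root."""
    root = Path(root)
    return {p.relative_to(root).as_posix():
            hashlib.sha256(p.read_bytes()).hexdigest()
            for p in root.rglob("*") if p.is_file()}

def audit(live_root, backup_root):
    """Compare the live web root against a known-good backup copy."""
    live, good = manifest(live_root), manifest(backup_root)
    findings = []
    for rel, digest in sorted(live.items()):
        path = Path(rel)
        if rel not in good:
            findings.append(("added", rel))
        elif digest != good[rel]:
            # Same name as in the backup but different content.
            findings.append(("modified", rel))
        # Executable script anywhere below an upload-only directory.
        if path.suffix.lower() in SCRIPT_EXTS and UPLOAD_DIRS & set(path.parts[:-1]):
            findings.append(("script-in-upload-dir", rel))
    findings += [("missing", rel) for rel in sorted(set(good) - set(live))]
    return findings

def demo():
    """Build a constructed backup/live pair on disk and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        backup, live = Path(tmp, "backup"), Path(tmp, "public_html")
        for root in (backup, live):
            (root / "images").mkdir(parents=True)
            (root / "index.php").write_text("<?php // storefront\n")
            (root / "images" / "logo.gif").write_bytes(b"GIF89a")
        # Constructed changes: two new files (names taken from the thread,
        # contents are harmless placeholders) and one altered original.
        (live / "hax0r.php").write_text("<?php // placeholder\n")
        (live / "images" / "about.inc.php").write_text("<?php // placeholder\n")
        (live / "index.php").write_text("<?php // storefront, altered\n")
        return audit(live, backup)

if __name__ == "__main__":
    for kind, rel in demo():
        print(f"{kind:22} {rel}")
```

The "modified" category matters as much as "added": deleting the new files leaves any altered original in place.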

