Guest Posted January 3, 2006 Share Posted January 3, 2006 Can I ask the stupid question... what benefit does buying the licence do? One thing I noticed was that there was some sort of zipped hacking file in each of my directory folders in my hosting - I lost everything. Quote Link to comment Share on other sites More sharing options...
Guest aikdo Posted January 3, 2006 Share Posted January 3, 2006 Buying a licence will remove the (powered by Cubecart) from your title and will also remove the Powered by Cubecart 3.x.x from the footer of your site meaning that when the script kiddies search for "powered by Cubecart" to find Cubecart stores to attack yours wont be there... The min possitives however are the fact you get full support and you get to remove the copyrights, making your store look more profesional. Quote Link to comment Share on other sites More sharing options...
Guest gwizard Posted January 3, 2006 Share Posted January 3, 2006 This looks as less CC issue as host issue. I guess you spoke before you read all the discussions about the security hole in CC? No, I had read the threads before posting. I am simply speaking from personal experience of being on both sides (ie both protecting and attacking). Not long ago my forum got down and whole site deleted becouse php had vulnerability that neither my host nor I had been aware of. If you all had register_globals = off this hack would not had been successfull. That is why I said it is less insecure CC design and more insecure config of the host. Of course, it is both. 2Snowbaby: Buying license allows you to remove the "Powered by CubeCart" from your pages. If you have completelly custom skin and no license strings then it is virtually impossible to find what you are running. BUT, Please mind that security through obscurity is stupid and futile concept in the long run. Quote Link to comment Share on other sites More sharing options...
Guest Posted January 3, 2006 Share Posted January 3, 2006 Thank you for your responses.... I know you are probably sick fed up of answering the same questions over and over, but I think I speak on behalf of everyone here when I say your time and replies really are appreciated. Thank you :) Quote Link to comment Share on other sites More sharing options...
Guest aikdo Posted January 3, 2006 Share Posted January 3, 2006 @Snowbaby im sure when i speek from us all when i say its our pleasure... Quote Link to comment Share on other sites More sharing options...
Guest TheWetFish Posted January 3, 2006 Share Posted January 3, 2006 Buying a licence will remove the (powered by Cubecart) from your title and will also remove the Powered by Cubecart 3.x.x from the footer of your site meaning that when the script kiddies search for "powered by Cubecart" to find Cubecart stores to attack yours wont be there... The min possitives however are the fact you get full support and you get to remove the copyrights, making your store look more profesional. Not trying to talk people out of buying a licence, yet they can still find the site using those key words/phrases due to google and alot of other search engines still having the site listed inside their cache. Buying a licence does NOT automatically remove your site listing from those search engines and people should not assume that would be the case. I have an old site that I closed almost a year ago and still shows up in google searches, even shows forum threads from that site and much more due to the pages being kept in google's cache. However, the reasons for purchasing a licence are good reasons. Not sure exactly where each and every dollar is spent, yet would assume it helps with paying for hosting of this support forum and also the time invested in writing the CubeCart code. Writing code is not easy and not everybody can do it. If you are making money on your CubeCart store, why not give a bit back to the writers/coders of CC by buying a licence. I plan on it once I make a few sales from mine. Matt Quote Link to comment Share on other sites More sharing options...
Guest Puppy Posted January 4, 2006 Share Posted January 4, 2006 (edited) If a hacker tries to exploit CC v3.0.6 but the site has register_global disabled, they will get a 403 error...however here is an explanation of how to bypass the 403 error url deleted by EvilHomeR Inevitably there must be many more out there, and amateur hackers would definitely jump at every chance to have practise shots at hacking sites whilst following a manual (and there are heaps of vulnerable CC sites out there). I think it is quite useful at reading how they exploit our sites to quickly learn where things should be patched and updated. Others would have a much more educated opinion than mine though. B) Edited January 4, 2006 by Puppy Quote Link to comment Share on other sites More sharing options...
Guest aikdo Posted January 4, 2006 Share Posted January 4, 2006 (edited) That was THE original script which has been circulated around the web it will ONLY work if the user is running v 3.0.0 through to 3.0.6 on a server that has register_globals ON otherwise it will fail... The new version 3.0.7pl1 fixes this and will no longer allow people to bypass the 403 check ;) Edited January 4, 2006 by aikdo Quote Link to comment Share on other sites More sharing options...
Guest darkhour2099 Posted January 4, 2006 Share Posted January 4, 2006 yeah i got hacked too. Quote Link to comment Share on other sites More sharing options...
Guest timecrisis Posted January 4, 2006 Share Posted January 4, 2006 I would remind everyone on the forums that script kiddies are obviously watching these forums. Walls have ears! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.