
Don't know how it got there? Security loophole


Guest


  • 1 month later...

You can remove the links by editing the skin files. The product page is viewProd.tpl.

But unless you can determine exactly what has changed from the hack, you may be safer to reinstall. It may just be the skin files that have changed, but note that if they were able to edit the skin files, then they could certainly access your database. And unless you've upgraded since the hack, they have had unrestricted access to your hosting and database for the last 2 months.


  • 3 weeks later...

The link is not there in viewProd.tpl. Any other file I should check?


Guest Martin Mallett

Do you have any code like:

base64_decode("dXNlcjcucGhwaW5jbHVkZS5ydQ==")

I was hacked and they encoded the links using base64 to make it harder to track down.

M.
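
A small scanner for the check suggested above, as an added example that is not part of the original thread: it looks for base64_decode() calls with a literal argument, decodes them, and flags those whose decoded text looks like a hostname or URL. The function names, file suffixes and sample input are assumptions made for the illustration.

```python
import base64
import binascii
import re
from pathlib import Path

# base64_decode("...") or base64_decode('...') with a literal argument
CALL_RE = re.compile(r"""base64_decode\s*\(\s*(["'])([A-Za-z0-9+/=]+)\1\s*\)""")
# Decoded text that looks like a URL or a bare hostname
HOST_RE = re.compile(r"^(?:https?://)?(?:[a-z0-9-]+\.)+[a-z]{2,}(?:[/:?].*)?$", re.I)


def scan_text(text):
    """Return (line_no, literal, decoded, looks_like_host) for each call found."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for match in CALL_RE.finditer(line):
            literal = match.group(2)
            try:
                raw = base64.b64decode(literal, validate=True)
                decoded = raw.decode("utf-8")
            except (binascii.Error, UnicodeDecodeError):
                decoded = None  # not valid base64 text; still worth a manual look
            is_host = bool(decoded and HOST_RE.match(decoded.strip()))
            findings.append((line_no, literal, decoded, is_host))
    return findings


def scan_tree(root, suffixes=(".php", ".tpl", ".inc", ".js", ".html")):
    """Scan every file under root that has one of the given suffixes."""
    results = {}
    for path in Path(root).rglob("*"):
        if path.is_file() and path.suffix.lower() in suffixes:
            found = scan_text(path.read_text(errors="replace"))
            if found:
                results[str(path)] = found
    return results


# Constructed sample: line 2 uses the literal quoted in the post above,
# line 3 is a benign call that decodes to plain text.
SAMPLE = '''<?php
echo '<a href="http://' . base64_decode("dXNlcjcucGhwaW5jbHVkZS5ydQ==") . '">x</a>';
$greeting = base64_decode('SGVsbG8gd29ybGQ=');
'''

if __name__ == "__main__":
    for line_no, literal, decoded, is_host in scan_text(SAMPLE):
        print(line_no, "SUSPICIOUS" if is_host else "review", repr(decoded))
```

Run scan_tree() over the whole store directory rather than one template, since the injected link may sit in any skin or include file. It only matches literal arguments, so a call that takes a variable or a differently encoded string still needs a manual search for base64_decode.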


  • 4 weeks later...

Please find below my code from viewProd.tpl

<!-- BEGIN: view_prod -->
<div class="boxContent">
<!-- BEGIN: prod_true -->
<strong>{LANG_DIR_LOC}</strong> {CURRENT_DIR}
<form action="{CURRENT_URL}" method="post" name="addtobasket" target="_self">
<p class="txtContentTitle"><strong>{TXT_PRODTITLE}</strong></p>
<div style="text-align: center;"><img src="{IMG_SRC}" alt="{TXT_PRODTITLE}" border="0" title="{TXT_PRODTITLE}" /></div>
<!-- BEGIN: more_images -->
<div style="text-align: center;"><a href="javascript:openPopUp('extra/prodImages.php?productId={PRODUCT_ID}', 'images', 548, 455, 0);" class="txtDefault">{LANG_MORE_IMAGES}</a></div>
<!-- END: more_images -->
<p>
<strong>{LANG_PRODINFO}</strong>
<br />
{TXT_DESCRIPTION}
</p>
<p>
<strong>{LANG_PRICE}</strong> {TXT_PRICE}
<span class="txtSale">{TXT_SALE_PRICE}</span>
</p>
<ul>
<li class="bulletLrg"><a href="index.php?act=taf&amp;productId={PRODUCT_ID}" target="_self" class="txtDefault">{LANG_TELLFRIEND}</a></li>
</ul>
<!-- BEGIN: prod_opts -->
<br />
<strong>{TXT_PROD_OPTIONS}</strong>
<table border="0" cellspacing="0" cellpadding="3">
<!-- BEGIN: repeat_options -->
<tr>
<td><strong>{VAL_OPTS_NAME}</strong></td>
<td>
<select name="productOptions[]">
<!-- BEGIN: repeat_values -->
<option value="{VAL_ASSIGN_ID}">
{VAL_VALUE_NAME}
<!-- BEGIN: repeat_price -->
({VAL_OPT_SIGN}{VAL_OPT_PRICE})
<!-- END: repeat_price -->
</option>
<!-- END: repeat_values -->
</select>
</td>
</tr>
<!-- END: repeat_options -->
</table>
<!-- END: prod_opts -->
<br />
<strong>{LANG_PRODCODE}</strong> {TXT_PRODCODE}
<div>
{TXT_INSTOCK}<span class="txtOutOfStock">{TXT_OUTOFSTOCK}</span>
<!-- BEGIN: buy_btn -->
<div style="position: relative; text-align: right;">{LANG_QUAN}
<input name="quan" type="text" value="1" size="2" class="textbox" style="text-align:center;" />
<a href="javascript:submitDoc('addtobasket');" class="txtButton">{BTN_ADDBASKET}</a>
</div>
<!-- END: buy_btn -->
</div>
<input type="hidden" name="add" value="{PRODUCT_ID}" />
</form>
<!-- END: prod_true -->
<!-- BEGIN: prod_false -->
<p>{LANG_PRODUCT_EXPIRED}</p>
<!-- END: prod_false -->
</div>
<!-- END: view_prod -->

Any suggestions?
