How to become backend access

Post Reply
User avatar
OSWorX
Posts: 4145
Joined: Mon Jan 11, 2010 10:52 pm
Location: Austria
Contact:

How to become backend access

Post by OSWorX » Thu Dec 08, 2016 4:34 am

Today I've found this article at sucuri: https://blog.sucuri.net/2016/12/unrestr ... login.html
It describes the way how a hacker could become access to your backend very easy - if you are using an older OpenCart version.
Image

ADD Creative
Posts: 392
Joined: Sat Jan 14, 2012 1:02 am

Re: How to become backend access

Post by ADD Creative » Fri Dec 09, 2016 9:05 pm

It's not if using an older version of OpenCart. It's if any version of OpenCart has been modified by malware (or maybe a third party).

Need to check to see if system/library/user.php or system/library/cart/user.php have been modified. The malware adds a # to the the front of the WHERE statements in the SQL.

Post Reply

Return to “Security & Server”

Who is online

Users browsing this forum: No registered users and 9 guests