OpenCart Community

OpenCart Community Forum - Discuss shopping cart and e-commerce solutions.
https://forum.opencart.com/

How to become backend access

https://forum.opencart.com/viewtopic.php?t=171252

Page 1 of 1

How to become backend access

Posted: Thu Dec 08, 2016 4:34 am
by OSWorX
Today I've found this article at sucuri: https://blog.sucuri.net/2016/12/unrestr ... login.html
It describes the way how a hacker could become access to your backend very easy - if you are using an older OpenCart version.

Re: How to become backend access

Posted: Fri Dec 09, 2016 9:05 pm
by ADD Creative
It's not if using an older version of OpenCart. It's if any version of OpenCart has been modified by malware (or maybe a third party).

Need to check to see if system/library/user.php or system/library/cart/user.php have been modified. The malware adds a # to the the front of the WHERE statements in the SQL.
All times are UTC+08:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/