Post by MasterCATZ » Sat Sep 14, 2019 2:19 pm

Unsure how this broke , but I did notice mysql upgrade to Server version: 5.7.26-29-57-log Percona XtraDB Cluster a few days ago

how can I recreate the missing oc_session tables ?

oc_session_WARNING
oc_session_encrypt

are still their


Fatal error: Uncaught Exception: Error: Table 'opencartGTAGF.oc_session' doesn't exist<br />Error No: 1146<br />SELECT `data` FROM `oc_session` WHERE session_id = '72c913db630cbd07783a2649bd' AND expire > 1568440968 in /var/www/html/system/library/db/mysqli.php:40 Stack trace: #0 /var/www/html/system/library/db.php(45): DB\MySQLi->query('SELECT `data` F...') #1 /var/www/html/system/library/session/db.php(21): DB->query('SELECT `data` F...') #2 /var/www/html/system/library/session.php(72): Session\DB->read('72c913db630cbd0...') #3 /var/www/html/system/framework.php(106): Session->start('72c913db630cbd0...') #4 /var/www/html/system/startup.php(104): require_once('/var/www/html/s...') #5 /var/www/html/index.php(19): start('catalog') #6 {main} thrown in /var/www/html/system/library/db/mysqli.php on line 40




Fatal error: Uncaught Exception: Error: Table 'opencartGTAGF.oc_session' doesn't exist<br />Error No: 1146<br />REPLACE INTO `oc_session` SET session_id = '72c913db630cbd07783a2649bd', `data` = '[]', expire = '2019-09-14 07:02:48' in /var/www/html/system/library/db/mysqli.php:40 Stack trace: #0 /var/www/html/system/library/db.php(45): DB\MySQLi->query('REPLACE INTO `o...') #1 /var/www/html/system/library/session/db.php(32): DB->query('REPLACE INTO `o...') #2 /var/www/html/system/library/session.php(81): Session\DB->write('72c913db630cbd0...', Array) #3 [internal function]: Session->close() #4 {main} thrown in /var/www/html/system/library/db/mysqli.php on line 40


the only other thing was I ran into permission errors while trying to make a backup so thinking something else might be broken
mysqldump -u root -p --lock-for-backup --all-databases> alldb13092019.sql

mysqldump: Couldn't execute 'SHOW FIELDS FROM references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them (1356)

Newbie

Posts

Joined
Mon May 13, 2019 4:58 pm

Post by xxvirusxx » Sat Sep 14, 2019 3:19 pm

So you have this table name?

opencartGTAGF.oc_session

My converted modules | Buy me a beer | Contact me on Skype


User avatar
Expert Member

Posts

Joined
Tue Jul 17, 2012 10:35 pm
Location - RO

Post by MasterCATZ » Sun Sep 15, 2019 10:44 pm

worked it out opencart was hacked and sql database is now ransomware

what can be done to stop opencart displaying the passwords in plain text on the error page when it can not connect to a sql database ...


LOCK TABLES `oc_address_WARNING` WRITE;
/*!40000 ALTER TABLE `oc_address_WARNING` DISABLE KEYS */;
INSERT INTO `oc_address_WARNING` VALUES (1,'Your `oc_address` table has been encrypted. For decription you need to pay 0.060000 bitcoin to the address 1nW82ZSkhT5Xzs8Gc9vWaMtDm3FAqhJXC\nAfter payment you should go to the http://bp7hhvchre5ifqd6.onion/order/...WaMtDm3FAqhJXC using tor client and get your unique secret key.\nAfter receiving the key, you must execute mysql request: UPDATE oc_address SET field = AES_DECRYPT(field, \'YOUR-SECRET-KEY\');\n\nIf you want, you can check how this works on this table. Field "secretProof" is encrypted with a simple key, execute the request:\nUPDATE oc_address_WARNING SET secretProof = AES_DECRYPT(secretProof, \'keyForProof\');\n\nAttention. This key does not work for your master data. Do not use it, otherwise you may permanently damage the data. To get the key you need, contact us.Field `tableStruct` contains the original names and type of your table. The key for decoding is the same as key for prof: keyForProof','1nW82ZSkhT5Xzs8Gc9vWaMtDm3FAqhJXC',' http://bp7hhvchre5ifqd6.onion/order/1nW ... C',_binary '\Z\Ï\Âb\0OòGD\ç!\ZŠ¯av€:rfqI5\ÄɃû$z‘Ÿ.€˜ev·n\á* š\ÈJ Pð6N³Œ Fó\ÛU"\áž0C–\Çd\Æ{+$«\ëX1Ž[9<#¿,‹VG·>Ž\Ï(L\r\Æ\ï„]±]‹y\ßRÔŒ\à\Þs\Ý{ðú\Ö\â³\ÂW\Ê\ì&S®\'K\ÆV1žuÀ\×\ÞX\ÒE ñmŸ|',_binary 'K›¶.²O³ŽqÞ®c‚Ñž ŠþVӁs†\ïIª\Ã[\Ètgœýq2ý°Â¿D\Ьšß’€ÿÿ{z•\Ï+\à8ö#w6$ºgHzrv»ñ\î‹úû ‰ðš¢\Úù3ŸZ`\Ô÷šQW·\Ø[\ÞDž°œ…`\Ø0£H±g>\ZðJY\Õl_{\ÚBð\rږbmw •‰o_ڔ¹CÁŽI\'·²PTˆAJ\\7\Ð)Š\Zðž Q\'\Û\Ù" +œ&u\ä±ùõ†\0Eh¶-\Ä÷¢\ØT—Ÿ¯\Í_\ÄP\0VŠÒ‡h;Q†ˆ\ÎZŠaye‘D[M’\05!‹‹0ž\Ú\ÆM?ˉŸþZ¶ý¯\r«\é…\ê\ÝB2÷¹\'€/ö‘haVŒ\î{©’ó*a\Ç\äa\Ò\ÈLB%„g£ÍˆÁ²ýƒg¡œ°ý\ÜN®ýËœZR^ h\ï\Å\Ò*\ï\Ø_\à‡<ú\èº\îp>n\Ã\ÇÁ\Ò\ß\í\Ö@ý+');
/*!40000 ALTER TABLE `oc_address_WARNING` ENABLE KEYS */;
UNLOCK TABLES;

Newbie

Posts

Joined
Mon May 13, 2019 4:58 pm

Post by paulfeakins » Mon Sep 16, 2019 6:03 pm

MasterCATZ wrote:
Sun Sep 15, 2019 10:44 pm
worked it out opencart was hacked and sql database is now ransomware
For all hacks, we always recommend www.getastra.com/pricing

For quick, professional OpenCart support please email info@antropy.co.uk


User avatar
Expert Member

Posts

Joined
Mon Aug 22, 2011 11:01 pm
Location - Reigate, Surrey, United Kingdom
Who is online

Users browsing this forum: No registered users and 40 guests