Post by rp_ » Sun Sep 16, 2018 5:18 am

Hi,
I hope this is the correct forum to post this message. Yesterday, I downloaded Discount Percent Ribbons at https://www.opencart.com/index.php?rout ... n_id=25118. The developer is Webmart.fr
In looking at the code, I noticed this:
<file path="catalog/view/theme/*/template/product/product.twig">
<operation>
<search><![CDATA[href=""]]></search>
<add position="replace"><![CDATA[href="http://www.boss.shoes"]]></add>
</operation>

Sorry, I'm not a coder, but it looks like it really doesn't belong on any website. I posted a warning twice on the product comments in the past 2 days, only to be deleted, with no explanation, nor was the download script modified.
Is this bit of code to be of any concern?
'rp

rp_
Newbie
Online

Posts

Joined
Tue Jun 26, 2018 12:30 am

Post by OSWorX » Sun Sep 16, 2018 5:22 pm

You are right, links like that should not be included - even it is a 'free' extension!
If the extension works as expected, that section can be deleted inside the xml-file.
And you should report that extension.

Image


User avatar
Expert Member

Posts

Joined
Mon Jan 11, 2010 10:52 pm
Location - Austria

Post by rp_ » Sun Sep 16, 2018 11:34 pm

OK, thank you. After a little more research, I discovered that this programmer is scamming review scores from users that install the discount script, and quite possibly they will never discover their hard earned review credit was hijacked.

{% endfor %} <a href="" onclick="$('a[href=\'#tab-review\']').trigger('click'); return false;">{{ reviews }}</a> / <a href="" onclick="$('a[href=\'#tab-review\']').trigger('click'); return false;">{{ text_write }}</a></p>

I am not a coder, but can see something 'uncool' is happening with the 'reviews' feature, with his domain attached to it, not yours. It didn't this take long to figure that out.
When I post on the product comments that its a scammy script, it gets deleted. I hope this message is in the correct section, if not, may a moderator move it to the proper location. The community needs to know.

Again, his name is Webmart.fr. He needs to be banned for such nonsense. Whats next, deploy bot nets to users Opencart sites?
Beware of all scripts obtained, both free and paid.

rp_
Newbie
Online

Posts

Joined
Tue Jun 26, 2018 12:30 am

Post by IP_CAM » Mon Sep 17, 2018 4:11 am

Well, don't worry about this too much, both Site URL's are for Sale, and nobody
is checking on you anymore. :D Still, that's not the only Extension, linking to
someplace else, and even a default OC carries such, like in the product page,
where every Page Call will automatically connect to a sneaker-site, regardless of,
if the function is admin enabled or not! :D
Ernie

Code: Select all

            <!-- AddThis Button BEGIN -->
            <div class="addthis_toolbox addthis_default_style" data-url="{{ share }}"><a class="addthis_button_facebook_like" fb:like:layout="button_count"></a> <a class="addthis_button_tweet"></a> <a class="addthis_button_pinterest_pinit"></a> <a class="addthis_counter addthis_pill_style"></a></div>
            <script type="text/javascript" src="//s7.addthis.com/js/300/addthis_widget.js#pubid=ra-515eeaf54693130e"></script> 
            <!-- AddThis Button END --> 

For Sale: Top URL's, including OpenCart V-Pro installed, like seen here:
http://www.bigmax.ch - http://www.ipcam.li - http://www.opencart.li
For Information + URL's offered, please contact me at: jti@jacob.ch
I am NOT available for Custom Support in existing OC Installations!
My Github Repositories: https://github.com/IP-CAM
Image


User avatar
Guru Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland

Post by rp_ » Mon Sep 17, 2018 9:02 am

Ernie,
How you can say don't worry about this? This guy is a thief. Got that? He should be banned off the site for being a thief.
How many sites have that innocent looking script loaded? It shows over 3000 downloads. How many review scores do you think he's hijacked?
Does Opencart admins not want to deal with programmers 'spiking' their extensions with harmful code? Perhaps I should have said nothing and just laughed it off? :laugh:

rp_
Newbie
Online

Posts

Joined
Tue Jun 26, 2018 12:30 am

Post by IP_CAM » Mon Sep 17, 2018 10:02 am

Well, only a Web-Fool would ever install unknown OC-Software from an unknown Source,
before taking a good look into the Code. :laugh: :crazy: It's like taking an unknown Pill ...

And there is likely a reason, why someone offers free OC-Extensions. It's either a known Dev, so
trying to add to popularity, or then some crazy Nut, like me, possibly trying to give something back,
or then, it might be done, to serve a specific purpose. Not long ago, a fellow tried to add OC-Sites
to some Crypto-Currency-Network, to make use of their Memory and Serverpower, free of charge.
And others try other things, to somehow make a profit out of all those innocent Fellows, not aware
of what they're doing on/with their Servers, in the first place. Or then, just not give a Damn about it ...

But you can't trust anyone on the Web, who offers something for free. Not even paid. Still, OC Mods
do not consist out of complicated Windows-like Code, it's mostly easy to find out, if screwy Code
has been placed somewhere. But it might take a little time, and some basic Knowledge, like in any other
Business on this Planet, to make sure, that no strange Code will ever be part of one's OC Installation.
Especially, when it comes to hardly readable base64- coded Content, sometimes containing such
unwanted Gizmos.

And those, who do, will succeed, while no-one cares about the Loosers, just like in real Life too ... 8) ;)
So, just take it easy, crying out loud does not change a thing. Many OC Users are Cheaters anyway, with
stolen Copies of Themes + Mods from smelly Sources, so, who should care about, what possibly has
been placed in such Code ?! But OC has no control, they depend on User Reports, if some Extensions,
offered within the official OC Extension Section, might not be 'clean'.
https://www.opencart.com/index.php?rout ... rt/contact

Good Luck! ;)
Ernie

For Sale: Top URL's, including OpenCart V-Pro installed, like seen here:
http://www.bigmax.ch - http://www.ipcam.li - http://www.opencart.li
For Information + URL's offered, please contact me at: jti@jacob.ch
I am NOT available for Custom Support in existing OC Installations!
My Github Repositories: https://github.com/IP-CAM
Image


User avatar
Guru Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland

Post by OSWorX » Mon Sep 17, 2018 3:55 pm

rp_ wrote:
Sun Sep 16, 2018 11:34 pm
When I post on the product comments that its a scammy script, it gets deleted. I hope this message is in the correct section, if not, may a moderator move it to the proper location. The community needs to know.

Again, his name is Webmart.fr. He needs to be banned for such nonsense. Whats next, deploy bot nets to users Opencart sites?
Beware of all scripts obtained, both free and paid.
Unfortunetaly comments can be deleted by the coders itself.
So, no matter how many times you post it there, he will delete it.
But I reported this extension and the dev, waiting now for a reply of the stuff.

Image


User avatar
Expert Member

Posts

Joined
Mon Jan 11, 2010 10:52 pm
Location - Austria

Post by Webmart.fr » Mon Sep 17, 2018 11:21 pm

Mr RP_ (anonymous), the disappointment of the internet that are said anonymous.

I would like to thank the OC community for plenty of interest bearing the discussions. Mr. RP_ Who are you? Have you created extensions? What are your extensions? What is your intention of this doggedness battle about the company (Webmart.fr). Are you a competitor? I believe you are a competitor! Let's move on, I have a lot of free extensions as a fee and indeed only one of my extensions (Discount Persent Riddon) has a directional re link that does not interfere with the functioning of the sites. Do you want a paid version of the extension? "Or you want it to be free when I install it" I can not find a solution to your so-called big problem, because in addition to being for free, I am suffering the consequences, so i am asking you again the question, do you want a paid version of the extension?
Also sending you a link to remove "Powered By Opencart" from the footer on the default theme to opencart.
PS: Following the racial insults you carry in the comments of the extension, I am not French or Homosexual.

Thank you
Webmart.fr (non-anonymous)

User avatar
Newbie

Posts

Joined
Mon Sep 17, 2018 9:55 pm


Post by rp_ » Tue Sep 18, 2018 11:11 pm

@Ernie: Nice word salad! I have not a clue WTF you were on about. Did you mean to say "Don't look at the man behind the curtain, Look Over Here!"
@ Webmart.fr: Yeah, lets move on... After you are banned off this site. You are a THIEF!! Sorry, I have zero tolerance for thieves or scumbags, and you sir fit both categories. How can you compare the "Powered by Opencart" link to what your 'link' was set to do? There is no justification for what you did. Got it, Son?
You are a scammer and a bad example for other programmers on this site. How many other programs did you 'spike'? How many OC websites have your Discount Percent Ribbon installed and have no idea you are scamming their Review scores.
@OSWorX: Thank you for stepping up. You're a good man. I have also reported with a Contact-Us a few days ago, and have not heard back, and yet I see the offender is still active and the script is still being available and being downloaded.

rp_
Newbie
Online

Posts

Joined
Tue Jun 26, 2018 12:30 am
Who is online

Users browsing this forum: No registered users and 10 guests