Unsure how this broke , but I did notice mysql upgrade to Server version: 5.7.26-29-57-log Percona XtraDB Cluster a few days ago
how can I recreate the missing oc_session tables ?
oc_session_WARNING
oc_session_encrypt
are still their
Fatal error: Uncaught Exception: Error: Table 'opencartGTAGF.oc_session' doesn't exist<br />Error No: 1146<br />SELECT `data` FROM `oc_session` WHERE session_id = '72c913db630cbd07783a2649bd' AND expire > 1568440968 in /var/www/html/system/library/db/mysqli.php:40 Stack trace: #0 /var/www/html/system/library/db.php(45): DB\MySQLi->query('SELECT `data` F...') #1 /var/www/html/system/library/session/db.php(21): DB->query('SELECT `data` F...') #2 /var/www/html/system/library/session.php(72): Session\DB->read('72c913db630cbd0...') #3 /var/www/html/system/framework.php(106): Session->start('72c913db630cbd0...') #4 /var/www/html/system/startup.php(104): require_once('/var/www/html/s...') #5 /var/www/html/index.php(19): start('catalog') #6 {main} thrown in /var/www/html/system/library/db/mysqli.php on line 40
Fatal error: Uncaught Exception: Error: Table 'opencartGTAGF.oc_session' doesn't exist<br />Error No: 1146<br />REPLACE INTO `oc_session` SET session_id = '72c913db630cbd07783a2649bd', `data` = '[]', expire = '2019-09-14 07:02:48' in /var/www/html/system/library/db/mysqli.php:40 Stack trace: #0 /var/www/html/system/library/db.php(45): DB\MySQLi->query('REPLACE INTO `o...') #1 /var/www/html/system/library/session/db.php(32): DB->query('REPLACE INTO `o...') #2 /var/www/html/system/library/session.php(81): Session\DB->write('72c913db630cbd0...', Array) #3 [internal function]: Session->close() #4 {main} thrown in /var/www/html/system/library/db/mysqli.php on line 40
the only other thing was I ran into permission errors while trying to make a backup so thinking something else might be broken
mysqldump -u root -p --lock-for-backup --all-databases> alldb13092019.sql
mysqldump: Couldn't execute 'SHOW FIELDS FROM references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them (1356)
So you have this table name?
opencartGTAGF.oc_session
opencartGTAGF.oc_session
Upgrade Service | OC 2.3.0.2 PHP 8 | My Custom OC 3.0.3.8 | Buy me a beer
worked it out opencart was hacked and sql database is now ransomware
what can be done to stop opencart displaying the passwords in plain text on the error page when it can not connect to a sql database ...
LOCK TABLES `oc_address_WARNING` WRITE;
/*!40000 ALTER TABLE `oc_address_WARNING` DISABLE KEYS */;
INSERT INTO `oc_address_WARNING` VALUES (1,'Your `oc_address` table has been encrypted. For decription you need to pay 0.060000 bitcoin to the address 1nW82ZSkhT5Xzs8Gc9vWaMtDm3FAqhJXC\nAfter payment you should go to the http://bp7hhvchre5ifqd6.onion/order/...WaMtDm3FAqhJXC using tor client and get your unique secret key.\nAfter receiving the key, you must execute mysql request: UPDATE oc_address SET field = AES_DECRYPT(field, \'YOUR-SECRET-KEY\');\n\nIf you want, you can check how this works on this table. Field "secretProof" is encrypted with a simple key, execute the request:\nUPDATE oc_address_WARNING SET secretProof = AES_DECRYPT(secretProof, \'keyForProof\');\n\nAttention. This key does not work for your master data. Do not use it, otherwise you may permanently damage the data. To get the key you need, contact us.Field `tableStruct` contains the original names and type of your table. The key for decoding is the same as key for prof: keyForProof','1nW82ZSkhT5Xzs8Gc9vWaMtDm3FAqhJXC',' http://bp7hhvchre5ifqd6.onion/order/1nW ... C',_binary '\Z\Ï\Âb\0OòGD\ç!\Z¯av€:rfqI5\ÄÉû$z.ev·n\á* \ÈJ Pð6N³Œ Fó\ÛU"\á0C\Çd\Æ{+$«\ëX1Ž[9<#¿,VG·>Ž\Ï(L\r\Æ\ï]±]y\ßRÔŒ\à\Þs\Ý{ðú\Ö\â³\ÂW\Ê\ì&S®\'K\ÆV1uÀ\×\ÞX\ÒE ñm|',_binary 'K¶.²O³qÞ®cÑ ŠþVÓs\ïIª\Ã[\Ètgýq2ý°Â¿D\Ь߀ÿÿ{z\Ï+\à8ö#w6$ºgHzrv»ñ\îúû ð¢\Úù3ŸZ`\Ô÷šQW·\Ø[\ÞD°œ `\Ø0£H±g>\ZðJY\Õl_{\ÚBð\rÚbmw o_Ú¹CÁI\'·²PTAJ\\7\Ð)Š\Zð Q\'\Û\Ù" +&u\ä±ùõ\0Eh¶-\Ä÷¢\ØTŸ¯\Í_\ÄP\0VÒh;Q\ÎZayeD[M\05!0\Ú\ÆM?ËþZ¶ý¯\r«\é \ê\ÝB2÷¹\'/öhaVŒ\î{©ó*a\Ç\äa\Ò\ÈLB%g£ÍÁ²ýg¡°ý\ÜN®ýËœZR^ h\ï\Å\Ò*\ï\Ø_\à<ú\èº\îp>n\Ã\ÇÁ\Ò\ß\í\Ö@ý+');
/*!40000 ALTER TABLE `oc_address_WARNING` ENABLE KEYS */;
UNLOCK TABLES;
what can be done to stop opencart displaying the passwords in plain text on the error page when it can not connect to a sql database ...
LOCK TABLES `oc_address_WARNING` WRITE;
/*!40000 ALTER TABLE `oc_address_WARNING` DISABLE KEYS */;
INSERT INTO `oc_address_WARNING` VALUES (1,'Your `oc_address` table has been encrypted. For decription you need to pay 0.060000 bitcoin to the address 1nW82ZSkhT5Xzs8Gc9vWaMtDm3FAqhJXC\nAfter payment you should go to the http://bp7hhvchre5ifqd6.onion/order/...WaMtDm3FAqhJXC using tor client and get your unique secret key.\nAfter receiving the key, you must execute mysql request: UPDATE oc_address SET field = AES_DECRYPT(field, \'YOUR-SECRET-KEY\');\n\nIf you want, you can check how this works on this table. Field "secretProof" is encrypted with a simple key, execute the request:\nUPDATE oc_address_WARNING SET secretProof = AES_DECRYPT(secretProof, \'keyForProof\');\n\nAttention. This key does not work for your master data. Do not use it, otherwise you may permanently damage the data. To get the key you need, contact us.Field `tableStruct` contains the original names and type of your table. The key for decoding is the same as key for prof: keyForProof','1nW82ZSkhT5Xzs8Gc9vWaMtDm3FAqhJXC',' http://bp7hhvchre5ifqd6.onion/order/1nW ... C',_binary '\Z\Ï\Âb\0OòGD\ç!\Z¯av€:rfqI5\ÄÉû$z.ev·n\á* \ÈJ Pð6N³Œ Fó\ÛU"\á0C\Çd\Æ{+$«\ëX1Ž[9<#¿,VG·>Ž\Ï(L\r\Æ\ï]±]y\ßRÔŒ\à\Þs\Ý{ðú\Ö\â³\ÂW\Ê\ì&S®\'K\ÆV1uÀ\×\ÞX\ÒE ñm|',_binary 'K¶.²O³qÞ®cÑ ŠþVÓs\ïIª\Ã[\Ètgýq2ý°Â¿D\Ь߀ÿÿ{z\Ï+\à8ö#w6$ºgHzrv»ñ\îúû ð¢\Úù3ŸZ`\Ô÷šQW·\Ø[\ÞD°œ `\Ø0£H±g>\ZðJY\Õl_{\ÚBð\rÚbmw o_Ú¹CÁI\'·²PTAJ\\7\Ð)Š\Zð Q\'\Û\Ù" +&u\ä±ùõ\0Eh¶-\Ä÷¢\ØTŸ¯\Í_\ÄP\0VÒh;Q\ÎZayeD[M\05!0\Ú\ÆM?ËþZ¶ý¯\r«\é \ê\ÝB2÷¹\'/öhaVŒ\î{©ó*a\Ç\äa\Ò\ÈLB%g£ÍÁ²ýg¡°ý\ÜN®ýËœZR^ h\ï\Å\Ò*\ï\Ø_\à<ú\èº\îp>n\Ã\ÇÁ\Ò\ß\í\Ö@ý+');
/*!40000 ALTER TABLE `oc_address_WARNING` ENABLE KEYS */;
UNLOCK TABLES;
For all hacks, we always recommend www.getastra.com/pricingMasterCATZ wrote: ↑Sun Sep 15, 2019 10:44 pmworked it out opencart was hacked and sql database is now ransomware
UK OpenCart Hosting | OpenCart Audits | OpenCart Support - please email info@antropy.co.uk
Who is online
Users browsing this forum: No registered users and 52 guests
