snubbr.com

How would I use a Verisign SSL certificate?

Got a question... How would I use a Verisign SSL certificate? Hoping for any answer. My 2nd question... Hi there, I do hope you can help as our hosts are being rather stubborn on this one.

This morning the following command was executed on our OScommerce store.

/create_account.php?str=rm%20includes/application_top.php

This command removed the application_top.php file and therefore left our store down. We obviously always keep backups of all files so it was up and running again in minutes, but we obviously want to prevent this happening again.

We have done the following.

1) Blocked the IP that executed the command.

2) Changed the CHMOD of application_top.php to read only.

3) Changed all FTP passwords.

4) Changed all other passwords.

If anybody can point us in the right direction on how to resolve this it would be greatly appreciated, and hopefully it can prevent it happening to someone else in future...

Comments (68)

Good question... I dunno what is the answer. I'll do some poking around and get back to you if I get a good answer. You should email the people at Verisign as they probably could answer your Verisign question.

Comment #1

What security patch was this exploit fixed in?

I just tried this on my shop and I got caught by one of my security filters that sniffs out any % in URLs and blocked it (not a default osCommerce function).

Comment #2

I tried it on one of my sites and on the Demo Site, and it didn't work on either of them (unless I did it wrong). I went to the create account page and entered the string in the address bar. Maybe that's not how it's done?

This post has been edited by Baddog: 07 January 2009, 03:05.

Comment #3

The str variable is not used on a standard install...

Comment #4

Personally I fail to see how that could happen unless someone was stupid enough to do a PHP system() command on the query string.

Comment #5
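As an added example (not code from the thread or from osCommerce), here is a small Python access-log check that URL-decodes each query-string value before looking for shell metacharacters or command words, so the request quoted in the original post is flagged, and so is a `+`-encoded variant that a filter looking only for `%` (as in comment #2) would never see. The log lines are constructed for the example; the regexes and thresholds are my own assumptions, not osCommerce settings.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Apache "combined" access-log line: client IP, timestamp, request line, status, size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3}) \S+'
)

# Shell metacharacters and command words that have no business in a shop's query string.
SHELL_META = re.compile(r'[;|&`$<>]')
SHELL_CMDS = re.compile(r'\b(rm|wget|curl|chmod|cat|sh|bash|perl|python)\b')


def suspicious_params(target):
    """Return [(param, decoded_value, reason)] for query values that look like shell commands."""
    findings = []
    # parse_qsl decodes both %XX escapes and '+', so the check does not depend on encoding.
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        if SHELL_META.search(value):
            findings.append((name, value, "shell metacharacter"))
        elif SHELL_CMDS.search(value) and (" " in value or "/" in value):
            findings.append((name, value, "command word with argument"))
    return findings


def scan_log(lines):
    """Parse each log line and collect suspicious query parameters with the client IP."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        for name, value, reason in suspicious_params(m.group("target")):
            hits.append({"ip": m.group("ip"), "param": name, "value": value,
                         "reason": reason, "status": int(m.group("status"))})
    return hits


# Constructed sample lines (not real logs): the URL from the original post, a '+'-encoded
# variant with no '%' in it at all, and two benign shop requests.
SAMPLE_LOG = [
    '203.0.113.5 - - [07/Jan/2009:02:58:11 +0000] "GET /create_account.php?str=rm%20includes/application_top.php HTTP/1.1" 200 512',
    '203.0.113.5 - - [07/Jan/2009:02:58:40 +0000] "GET /create_account.php?str=rm+includes/application_top.php HTTP/1.1" 200 512',
    '198.51.100.7 - - [07/Jan/2009:03:01:02 +0000] "GET /product_info.php?products_id=42 HTTP/1.1" 200 8120',
    '198.51.100.8 - - [07/Jan/2009:03:02:15 +0000] "GET /advanced_search_result.php?keywords=red%20shoes HTTP/1.1" 200 6001',
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit)
```

Both flagged lines decode to the same value, which is the point: match on the decoded parameter, not on the raw bytes of the URL.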

Well, according to the Oscdox Variable Cross Reference, $str is:

Defined at:

/includes/classes/http_client.php -> line 386
/admin/includes/classes/phplot.php -> line 678
/admin/includes/classes/phplot.php -> line 939
/includes/modules/payment/authorizenet.php -> line 93

Referenced 10 times:

/includes/classes/http_client.php -> line 387
/includes/classes/http_client.php -> line 389
/admin/includes/classes/phplot.php -> line 682
/admin/includes/classes/phplot.php -> line 683
/admin/includes/classes/phplot.php -> line 686
/admin/includes/classes/phplot.php -> line 688
/admin/includes/classes/phplot.php -> line 689
/admin/includes/classes/phplot.php -> line 691
/admin/includes/classes/phplot.php -> line 940
/includes/modules/payment/authorizenet.php -> line 97

Comment #6


Have a look at this: How To Secure Your Site.

Comment #8


This question was taken from a support group/message board and re-posted here so others can learn from it.


(C) Copyright 2010 All rights reserved.