
osCommerce question (not the usual sort)

  • 30-09-2007 9:12pm
    #1
    Banned (with Prison Access) Posts: 8,486 ✭✭✭


    Have been using osCommerce for years and have never come across this:

    today while ironing out the finishing touches to a store for a client today I made a test purchase and lo and behold when I go into the admin section to view the order there's about 20 spam orders for Dell Inspirons and Viagra etc basically a load of stuff the site doesn't sell.

    Has anyone here ever come across this before because I certainly haven't ? Everything is secured on the site as well which is perplexing me?


Comments

  • Registered Users, Registered Users 2 Posts: 3,594 ✭✭✭forbairt


    miju wrote:
    Have been using osCommerce for years and have never come across this:

    today while ironing out the finishing touches to a store for a client today I made a test purchase and lo and behold when I go into the admin section to view the order there's about 20 spam orders for Dell Inspirons and Viagra etc basically a load of stuff the site doesn't sell.

    Has anyone here ever come across this before because I certainly haven't ? Everything is secured on the site as well which is perplexing me?

    Haven't come across that before ... did you have anyone testing out the site ? someone trying some kinda injection attack on the system ?


  • Registered Users, Registered Users 2 Posts: 7,740 ✭✭✭mneylon


    Was there a demo user or demo data at some point?


  • Registered Users, Registered Users 2 Posts: 1,262 ✭✭✭di11on


    Silly question... but I presume your admin area is password protected?

    Have you deleted the install directory?


  • Banned (with Prison Access) Posts: 8,486 ✭✭✭miju


    blacknight wrote:
    Was there a demo user or demo data at some point?

    there wasn't actually as i just happened to decide to delete it when i installed osCommerce (normally wouldn't though)
    di11on wrote:
    Silly question... but I presume your admin area is password protected?

    Have you deleted the install directory?

    yep everything install related is deleted and admin area is renamed and password protected with .htaccess with an 8 number / character password

    have to say am very perplexed by it


  • Closed Accounts Posts: 17 WPI20000


    Make your password really hard to guess


  • Registered Users, Registered Users 2 Posts: 1,262 ✭✭✭di11on


    miju wrote:
    .... and 8 number / character password ...

    I'd say that would be hard to guess!


  • Registered Users, Registered Users 2 Posts: 1,530 ✭✭✭CptSternn


    Do you have access to your web logs? I would definitely look to see where that came from. I have seen similar issues with other shopping cart software - backdoors or bugs that can be accessed via the web (or automated via script).

    If I were you I would find those logs and see exactly what they did to inject those records into your system, else you may find they are able to cause havoc later if they perfect the technique.
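
One way to do the log review suggested above, as an added example that is not part of the original thread: it groups access-log requests by client address and flags clients that POSTed to the order-writing script without viewing any page first, or far more often than a shopper would. `ORDER_PATH`, the threshold and the sample lines are assumptions constructed for illustration, not values from the affected site.

```python
import re
from collections import defaultdict

# Common/combined access-log format; only the leading fields are needed.
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" \d{3} '
)

# Placeholder, not a real osCommerce path: set this to the script that
# writes orders on your own install.
ORDER_PATH = "/shop/ORDER_SCRIPT.php"

def triage(lines, order_path=ORDER_PATH, max_posts=3):
    """Map client IP -> reasons its order POSTs look scripted (lines in time order)."""
    stats = defaultdict(lambda: {"gets": 0, "posts": 0, "blind": 0})
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of aborting
        s = stats[m["ip"]]
        if m["method"] == "GET":
            s["gets"] += 1
        elif m["method"] == "POST" and m["path"].split("?", 1)[0] == order_path:
            s["posts"] += 1
            if s["gets"] == 0:
                s["blind"] += 1  # order sent before any page was viewed
    flagged = {}
    for ip, s in stats.items():
        reasons = []
        if s["blind"]:
            reasons.append(f"{s['blind']} order POST(s) with no prior page view")
        if s["posts"] > max_posts:
            reasons.append(f"{s['posts']} order POSTs from one address")
        if reasons:
            flagged[ip] = reasons
    return flagged

# Constructed sample lines (documentation IP ranges, invented requests).
_STAMP = "[30/Sep/2007:10:00:00 +0100]"
SAMPLE = [
    f'198.51.100.7 - - {_STAMP} "GET /shop/index.php HTTP/1.1" 200 5120',
    f'198.51.100.7 - - {_STAMP} "POST {ORDER_PATH} HTTP/1.1" 302 0',
    "not a log line",
] + [f'203.0.113.9 - - {_STAMP} "POST {ORDER_PATH}?x=1 HTTP/1.0" 302 0'] * 4

if __name__ == "__main__":
    for ip, why in triage(SAMPLE).items():
        print(ip, "; ".join(why))
```

Feed it the lines of the real access log covering the time the spam orders were created, then read the full requests from any flagged address to see which parameters were submitted.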


  • Banned (with Prison Access) Posts: 8,486 ✭✭✭miju


    well actually i think it is it'd look something like 9PaSwORD9 (not the actual password - use 2 instead :) )

