|

Cs-Cart Hacked? :(
Posted 19 October 2006 - 07:23 PM #1
1) Under /shop/ there is a file db1.php which seems to be # 1 cause for the issue. (/shop/ is where cs-cart is installed. The alert caused by db1.php is PHP.RSTBackdoor and information for it can be found at http://www.symantec....4217-99&tabid=1
2) Under /shop/skins/ there seems to have been created a folder by the name /pro/ and under that the file xh seems to be another thing that is cauzing norton antivirus to cause the alert. The alert caused by this one is 'hacktool'.
Any one knows what is going on & how to fix this?
Thank you for the help.
Posted 19 October 2006 - 07:39 PM #2
You should contact your host about this situation.
Posted 19 October 2006 - 07:41 PM #3
Any easier suggestion?
Posted 19 October 2006 - 08:35 PM #4
if it was trhought a CS-cart bug, it should be fixed asap!
krur.com - multimedia company
CS-Cart v2.0.12 - italian mods (full translations and data + Banca Sella + Invoices / Fatture)
Posted 19 October 2006 - 08:37 PM #5
Posted 19 October 2006 - 08:46 PM #6
Also data was uploaded to /home/httpd/vhosts/domainname.com/httpdocs/shop/images , which indicates that the domainname.com domain in particular has website codew which enabled this exploit to occur.
Posted 19 October 2006 - 08:53 PM #7
Posted 19 October 2006 - 09:01 PM #8
P.S. domainname.com is just used to hide actual name, but I am sure you know what I mean.
Posted 19 October 2006 - 09:02 PM #9
Posted 20 October 2006 - 12:11 PM #10
Ilya M. Shalnev
CS-Cart team,
Vice CEO
http://twitter.com/bzzeke
http://www.facebook....100001396131346