Jump to content

  • You cannot start a new topic
  • You cannot reply to this topic

Please check your 777 folders now. Rate Topic   - - - - -

 
  • Codies
  • Junior Member
  • Members
  • Join Date: 10-Jun 07
  • 25 posts

Posted 05 August 2007 - 05:29 AM #1

If you have any folders set to 777. please do a check.

I just found some weird php files appearing in my skins, var and images folders. These are the folders set to 777 as advised by the cs-cart user manual.

The php files has strange number as file name (i.e 433.php or 3242.php), It appears to be sending the SERVER vars to their websites.

I have taken my site down and doing a restore from last week version. My hosting company denied their server has been compromised and saying it must be php exploits from the cart. Maybe right, maybe not. I dont know for sure.

Please check yours to be safe.

Note:
I'm using cs-cart version 1.3.4 sp3

 
  • Codies
  • Junior Member
  • Members
  • Join Date: 10-Jun 07
  • 25 posts

Posted 05 August 2007 - 05:48 AM #2

Ok, googling the websites I decoded from the php files lead me to this post

http://www.sitepoint...ad.php?t=488709

I got exactly the same php files.

Can anyone offer some expertise on this matter ? I set skin, var, images to 777 and the rest to 644 (which left untouched).

Thank you.

 
  • zardos
  • Senior Member
  • Members
  • Join Date: 08-Feb 06
  • 1062 posts

Posted 05 August 2007 - 07:07 AM #3

Try this:

http://forum.cs-cart...833&postcount=7