Jump to content

  • You cannot start a new topic
  • You cannot reply to this topic

Its Seem Someone Trying To Hack Us Rate Topic   - - - - -

 

Posted 02 September 2018 - 07:32 AM #1

after error message happen in our database as attach .

i write it in post https://forum.cs-car...database-error/

we install add-on cs-commerce live search

in search history in our backend there many unkhown search history 

(

 

unexisting/../../../../../../../../../../windows/win.ini.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\ 1 0 en 1151 ../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini 1 0 en 1150 ../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini 1 0 en 1149 /.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini 1 0 en 1148 ..\..\..\..\..\..\..\..\windows\win.ini 1 0 en 1147 ................windowswin.ini 1 0 en 1146 ????????????????????????????????????????????????windows??win.ini 1 0 en 1145 c:/windows/win.ini 1 0 en 1144 ../../../../../../../../../../windows/win.ini 2 0 en 1143 /\../\../\../\../\../\../\../etc/passwd 1 0 en 1142 file:///etc/passwd 3 0 en 1141 ..??..??..??..??..??..??..??..??etc/passwd 1 0 en 1140 ../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd 1 0 en 1139 ../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd ) 

all come from on IP its seems in Saudi Arabia  .

also after complete order in logs there message >>>  converter.cart-services.com/PDF/render  <<< it another website render PDF 

 

can any one tell me please what is that its seems we trying to be hacked.

 

 

 

 

unexisting/../../../../../../../../../../windows/win.ini.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\ 1 0 en 1151 ../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini 1 0 en 1150 ../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini 1 0 en 1149 /.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini 1 0 en 1148 ..\..\..\..\..\..\..\..\windows\win.ini 1 0 en 1147 ................windowswin.ini 1 0 en 1146 ????????????????????????????????????????????????windows??win.ini 1 0 en 1145 c:/windows/win.ini 1 0 en 1144 ../../../../../../../../../../windows/win.ini 2 0 en 1143 /\../\../\../\../\../\../\../etc/passwd 1 0 en 1142 file:///etc/passwd 3 0 en 1141 ..??..??..??..??..??..??..??..??etc/passwd 1 0 en 1140 ../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd 1 0 en 1139 ../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd
 

 

Attached Thumbnails

  • Capture.PNG
  • Capture2.PNG
  • Capture3.PNG


 
  • poppedweb
  • Authorized Reseller
  • Members
  • Join Date: 02-Aug 16
  • 421 posts

Posted 02 September 2018 - 04:42 PM #2

 

after error message happen in our database as attach .

i write it in post https://forum.cs-car...database-error/

we install add-on cs-commerce live search

in search history in our backend there many unkhown search history 

(

 

unexisting/../../../../../../../../../../windows/win.ini.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\ 1 0 en 1151 ../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini 1 0 en 1150 ../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini 1 0 en 1149 /.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini 1 0 en 1148 ..\..\..\..\..\..\..\..\windows\win.ini 1 0 en 1147 ................windowswin.ini 1 0 en 1146 ????????????????????????????????????????????????windows??win.ini 1 0 en 1145 c:/windows/win.ini 1 0 en 1144 ../../../../../../../../../../windows/win.ini 2 0 en 1143 /\../\../\../\../\../\../\../etc/passwd 1 0 en 1142 file:///etc/passwd 3 0 en 1141 ..??..??..??..??..??..??..??..??etc/passwd 1 0 en 1140 ../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd 1 0 en 1139 ../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd ) 

all come from on IP its seems in Saudi Arabia  .

also after complete order in logs there message >>>  converter.cart-services.com/PDF/render  <<< it another website render PDF 

 

can any one tell me please what is that its seems we trying to be hacked.

 

 

 

 

unexisting/../../../../../../../../../../windows/win.ini.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\ 1 0 en 1151 ../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini 1 0 en 1150 ../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini 1 0 en 1149 /.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini 1 0 en 1148 ..\..\..\..\..\..\..\..\windows\win.ini 1 0 en 1147 ................windowswin.ini 1 0 en 1146 ????????????????????????????????????????????????windows??win.ini 1 0 en 1145 c:/windows/win.ini 1 0 en 1144 ../../../../../../../../../../windows/win.ini 2 0 en 1143 /\../\../\../\../\../\../\../etc/passwd 1 0 en 1142 file:///etc/passwd 3 0 en 1141 ..??..??..??..??..??..??..??..??etc/passwd 1 0 en 1140 ../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd 1 0 en 1139 ../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd
 

 

 

Hello,

 

Please remove this post and rename your admin script since everyone can view it a.t.m.

 

Regarding the SQL errors, this most likely is the result of the developer not using the provided database formatting tools. Please contact them and inform them about this issue.

 

If you need anything else, feel free to contact us at info@poppedweb.com

 

Kind regards,


PoppedWeb | sales@poppedweb.com | https://poppedweb.com
TurnKey Website Design | Add-Ons | Performance Audits | Dedicated Server Management
24/7 Support | Response within an hour (during working hours).

 
  • tbirnseth
  • CS Cart Expert
  • Authorized Reseller
  • Join Date: 08-Nov 08
  • 10838 posts

Posted 02 September 2018 - 10:03 PM #3

also note that cart-services.com is is the Simtech site used by cs-cart for rendering HTML -> pdf so if your invoices are pdf, that site will be used to convert them from html to pdf.


EZ Merchant Solutions: Custom (USA based) B2B Development, Consulting, Development and Special Projects (get a quote here).
Commercial addons, payment methods and modifications to meet your business and operations needs.


 

Posted 03 September 2018 - 05:18 AM #4

Hello,

 

Please remove this post and rename your admin script since everyone can view it a.t.m.

 

Regarding the SQL errors, this most likely is the result of the developer not using the provided database formatting tools. Please contact them and inform them about this issue.

 

If you need anything else, feel free to contact us at info@poppedweb.com

 

Kind regards,

 

so the problem from live search add-on . i will contact the cs-commerce to inform them to find solution about that. 

can you explain please how i can change the post name to your request .



 

Posted 03 September 2018 - 05:20 AM #5

also note that cart-services.com is is the Simtech site used by cs-cart for rendering HTML -> pdf so if your invoices are pdf, that site will be used to convert them from html to pdf.

 thank you EZ , i found that in app\tygh\pdf 

 

also thank you all for your help