Jump to content

  • You cannot start a new topic
  • You cannot reply to this topic

May Have Been Hacked Rate Topic   - - - - -

 
  • mrmem
  • Member
  • Members
  • Join Date: 13-Jul 09
  • 96 posts

Posted 24 September 2020 - 02:35 AM #1

Something looked suspicious today and

checked my files changes detector and

saw files changed in

 

addon>paypal>func.php file

 

Dont think i ever made any changes there. 

Is there anyone who know where i can get copy of the original file of that so i can compare them.

Im currently using 4.6.3

Thanks in advance



 
  • eComLabs
  • CS-Cart Expert
  • Authorized Reseller
  • Join Date: 27-Jan 14
  • 21077 posts

Posted 24 September 2020 - 04:45 AM #2

Try to find clean installation package, unpack it and compare files content. Sometimes CS-Cart marks unmodified files as modified


GET A FREE QUOTE | CS-Cart Add-ons | CS-Cart Licenses | CS-Cart Development | CS-Cart Design | Server Configuration | UniTheme and YOUPI
CS-Cart                USD 345     Multi-Vendor              USD 1250    Multi-Vendor PLUS           USD 3100 (2775)
CS-Cart Ultimate  USD 775     CS-Cart + YOUPI      USD 545      Multi-Vendor Ultimate       USD 7500 (6000)

 
  • tbirnseth
  • CS Cart Expert
  • Authorized Reseller
  • Join Date: 08-Nov 08
  • 11815 posts

Posted 24 September 2020 - 08:17 PM #3

Their comparison is horrible!  I.e. if you open a file and it's on a Linux system, the line endings may change or the newline at the end of file is added and they see it as a modification.  The proper way to do it is to strip all whitespace from the files before you compare.  During upgrade, I always have conflicts for stuff in var/langs or the composer control files even though none of those files have ever been touched.

 

Giving misleading conflict info obstructs valid conflict info with noise.   Hate to say it, but our EZ Admin Helper 'monitor files' functionality is much better.  Tells you what's been modified, new or removed.

 

Why is the snapshot file constantly updated?  It should be directly related to an upgrade, not updated on the fly.


EZ Merchant Solutions: Custom (USA based) B2B Development, Consulting, Development and Special Projects (get a quote here).
Commercial addons, payment methods and modifications to meet your business and operations needs.


 
  • harmsmitsdev
  • Advanced Member
  • Members
  • Join Date: 22-Feb 20
  • 53 posts

Posted 25 September 2020 - 01:55 PM #4

Their comparison is horrible!  I.e. if you open a file and it's on a Linux system, the line endings may change or the newline at the end of file is added and they see it as a modification.  The proper way to do it is to strip all whitespace from the files before you compare.  During upgrade, I always have conflicts for stuff in var/langs or the composer control files even though none of those files have ever been touched.

 

Giving misleading conflict info obstructs valid conflict info with noise.   Hate to say it, but our EZ Admin Helper 'monitor files' functionality is much better.  Tells you what's been modified, new or removed.

 

Why is the snapshot file constantly updated?  It should be directly related to an upgrade, not updated on the fly.

If you open file on windows, it does change the line endings yes. On linux, certainly not. Furthermore, if you use version control, it will always enforce unix style line endings, which is what CS-Cart uses. So you are definitely doing something wrong if the hash  does not match.



 
  • tbirnseth
  • CS Cart Expert
  • Authorized Reseller
  • Join Date: 08-Nov 08
  • 11815 posts

Posted 25 September 2020 - 04:25 PM #5

I never open a file from Windoz.

I review files in 'vi' on Linux and do NOT save the files.  Example: right now it shows app/Tygh/Database/Mysqli.php as being changed.  It has never been modified, but it has been opened for viewing.  And the upgrade always shows conflicts for var/langs but none of those are ever modified by me either.


EZ Merchant Solutions: Custom (USA based) B2B Development, Consulting, Development and Special Projects (get a quote here).
Commercial addons, payment methods and modifications to meet your business and operations needs.