BEWARE -
S.H.E.N.PROJECT - DETECT BUGS INTO YOUR SERVER
BEWARE -
S.H.E.N.PROJECT - DETECT BUGS INTO YOUR SERVER
Keep
your Information Safe, upgrade and patch your web services, this is NOT
a hack just a proof of concept about security issues, check details
below and fix your system asap.
Your System Has Been
Compromised
#BEWARE
#Your
System Has Been Compromised
#Detaills:
RCE =>
osCommerce rc2.2
FILE =>
/public_html/tienda/catalog/admin/file_manager.php
FPD =>
//public_html/tienda/catalog/admin/file_manager.php?/login.php?action=[query]
Posible Solution
=> Config .htaccess
Posible Solution
=> Protect Admin/ dir
Posible Solution
=> Remove Affected Files
POC =>
/public_html/tienda/catalog/admin/sh3n.php
POC =>
/public_html/sh3n.php
POC =>
/public_html/index.html
REMOVE THOSE
FILES INMEDIATLY AFTER YOU SAW THIS ADVICE
#Security Audition Ends
#Guide_Shen
#Security System Auditor
#http://guideshen.blogspot.com