I am trying to solve a problem for one of my clients webshops using magento v1.x, which was hacked a couple of days ago. They have removed all original payment options, and replaced it with their own credit card form. I have tried setting everything back trough the Magento webshop manager, but there all options are correct with the correct payment settings (we had a simular attack a long time ago, but then they simply changed the settings via the Magento Manager, so that was an easy fix back then).
I have tried recovering a backup of the webshop, loosing all items added after that (aprox 7k items, all with hand placed pictures, 3 per item), but even then only the credit card checkout remains on the website. After that I have tried copying the entire public_html folder from a working backup, direclty into the server, and again, only the credit card chechout remains.
Where can I start searching next if even replacing the entire public_html folder doesnt solve this problem? Can they be redirecting a part of the Magento code to their own?
All help is welcome!
First of all apply all Magento security patches. After that, check Payment options page in System >> Configuration. There is probably some extra payment method added there. If not, you should check the checkout url is it the default one (there might be some redirect added from your old site to hackers site. If it is the correct url, inspect element for credit card part, to find a piece of code that you could search for in the codebase or in database.
After that you should search all tables in the database for that string (that you inspected) - you can do that using search functionality in PhpMyAdmin easily.
After that search through the whole codebase for that string, to see where it is injected.
Hope that this will help you!
Related
I am building an application that connects to a mysql database. I set up the data connections and data source (data set) and have begun working on development, going back and forth between adding tables and views to the database and adding forms and components to the application.
I have up to now used the "Configure Data Source with Wizard" wizard to refresh the dataset in the application. Sometimes it takes a couple click throughs to get it to fully load the changes, but that's not the end of the world.
Today, without me knowingly changing anything, when I click on the wizard button, the frame of the wizard opens and closes instantly.
My data is accessible, and the parts of the application already developed work just fine, but I don't know how to add new tables and views to my project. My worry is that something went screwy in one of the auto generated dbDataSet.* files.
I'm happy to provide more information if that will help.
To answer my own question for whomever comes here next:
I came across this solution:
https://stackoverflow.com/a/4749044/7640114
It links to a microsoft.com page that is no longer available, but copies the relevant information. Finding the corresponding files is not hard, but knowing what the wrong Provider is may not be so simple.
Mostly because of a lack of patience, I just went with the second option and deleted the entire folder, which may have been overkill. It worked, and I have access to the wizard again and can continue development, but it also wiped out my workspace layout which I now have to rebuild from my memory.
Win some/loose some. In the end, I suggest being more delicate and removing lines of code from DefaultView.SEView first, and then moving on to trying to delete the file and the folder if nessasary.
A friend of mine got in touch because his wordpress site was showing "error establishing database connection" (the website has been working for 2 years up until now). I checked out his config pinged the database IP and found it timing out. I told him many times he needs to contact his host but he never knows what i'm on about so gets frustrated and just expects me to work magic.
Anyway i visited an address i got sent by i assume the dev/previous dev which took me to phpmyadmin could log into the database, all data is still there, great.
i cannot get the ip as he wont contact the host. so i tried the IP of the phpmyadmin site, no luck (i assume its some sort of reverse proxy as i believe he has shared hosting)
so i just try the 0.0.0.0 meta-address. this works fine
i also notice the database name, user and password has been changed by someone since then. so i plug these new credentials in. Visit the website, great its back up.
however when i visit the site it makes me go through the "wordpress install" which i find weird as i assumed the website would just work. the site just shows the default wordpress page. his website is now gone. i don't use wordpress because its wordpress. so my knowlage is now very limited at this point. Iv looked at the database and i can see in the {websitename}posts table that all his content is there still. for example all the paragraphs for the services he provides, image links etc. i look in wp-content/uploads/2018/01 and all the pictures the website had are still there.
When i go to the wp-admin UI and click on pages tab, there are no pages. all his previous ones are gone. i go to media tab and there no images i go to appearance and activate the theme that his dev used. still nothing. its as if its a fresh install.
as all his content is still i the database and all the files like images are still on the server etc. there must be a way to get his custom pages back?
i'm not sure when he last had someone touch wordpress or any code but is it safe to say the hosts making this change and whoever changed the database name and user is to blame? (he is going to want to know what went wrong)
if its any sort of help here is the theme that is used
any help is much appreciated, thanks
UPDATE
i can see in the {sitename}posts table the post_title column has the name of his pages in post_status is publish or inherit comment_status is closed ping_status is closed
I recently downloaded Web2Project after going through the reviews. Installation was a breeze and the application is neatly aligned. I was able to create the users, assign permissions, create companies etc.
However when I am trying to create a project , despite filling all the fields in the screen the page just refreshes back without giving any error message or creating a project.
I am looking to see if there is a way to troubleshoot what is going on with the page. I tried exploring to create an account in Web2Project support forums but not able to create an account through the available media and hence seeking technical assistance through Stackoverflow.
Web2Project New Installation
Web2Project Code (Just installed on WAMP Server) -- Projects Module
After filling all the fields in the Project Screen, the project should be created.
But the screen just refreshes without creating the project. No errors shown. When I go to Project List page nothing is created.
I was facing same problem. Took a lot of work until realized that the cause was the field PROJECT_ID of the table PROJECTS was not created with the auto increment definition. I just seted up this property and the problem was solved.
How did i discover the cause of the problem? In the SYSTEM ADMIN module, access the SYSTEM CONFIGURATION page, and then set the value of the field DEBUG LEVEL to 1, and check the field SHOW DEBUG MESSAGES. This will allow the web2project to log into C:\Windows\Temp\PHP72x64_errors.log (in case of my instalation) the error.
Good luck!
I'm facing the same problem and took a lot time to solved until I came here.
Goto the table project immediately, found no auto_increment in project_id field. Put it on, it worked!
And hoping current web2Project maintainer will fix this in their installer.
Thank you!
I'm having a little issue with a Wordpress site. What I want to do is to migrate all the posts/news from one installation to a new one, including it's images.
So what I did, apart from reading a lot of tutorials, was.
First Download the XML that contains all the info from the posts,
Second Uploaded the XML to the new site, it imported the posts, categories and authors with no problems, but with no images.
Third I transferred the images via FTP, to the same location, with no change in the names or anything. Also, the folder has all the permissions.
Fourth I read that after all this is done, it's necessary to do a MySQL change, related to the "post_content" where you should change the old domain, for the new. The change is made, but nothing happens, the images are still not visible.
So.. What could be the step that can be missing? Or did I made something wrong?
This post has the information related to the MySQL sentence to replace the "post_content" field.
Thanks in advance.
I know the "merge tables" question has already been asked in a variety of ways, but I can't seem to find an answer to my specific question.
Here's my deal: I've been designing a WordPress site for an organization for four weeks. When I began designing I took an export of the database and imported into my local development site. In the meantime, this organization has naturally continued to post things and receive/approve comments on their live site. On the local side, I have also created posts, edited pages, changed widgets, etc during development. So now that we're ready to launch the new site, I need to figure out how to merge these last four weeks of database changes from both the live site and the local site without losing anything on either side. How is this done?
If there have been inserts to both databases, then unfortunately there isn't a good way to merge. If your database contains the latest edits for the Post IDs that are shared then you can export them to XML and then import them into the other site.
This is done with the WordPress Importer plugin which can also be installed by visiting /wp-admin/import.php, the export can be done on /wp-admin/export.php. You can also remove any conflicts from the XML file manually, but make sure that you keep it well-formed.