v1.6-v1.7-v8x Urgent Security vulnerability for those ho installed "Super checkout module" all versions

Coolt

Coolt

Active member
Elite
XNullUser
Joined
Dec 20, 2021
Messages
273
Reaction score
183
Points
43
NullCash
2,263
Be crefull there is a hacker ho try to hack the "super checkout module" through vulnerabilities with php:

1- Try to check your logs, you must retrieve a user agent called "python"
2- Check your module files through ftp

- Files/path witch he try to access:

?fc=module&module=supercheckout&controller=supercheckout&ajax=1&method=SaveFilesCustomField

and

/modules/supercheckout/views/img/upload/1709889405_2024x2024x_xsamxadoo.php.php


=> Examine any file that you are unsure of, and look for code changes to existing files, especially php files.
 
N

noti_italy

Well-known member
Master
Diamond
Elite
XNullUser
Joined
Jan 15, 2022
Messages
544
Reaction score
896
Points
93
NullCash
2,423
thank you for the warning

all modules you install that have upload permission functions
always analyze these functions
There are always open holes for hackers to exploit

Get to know prestashop well and configure the server to be the first blocking front

Always have fal2ban installed and with rules to analyze and ban suspicious traffic

Always have modsecurity installed with rules to block this type of suspicion

I'm in favor of blocking unwanted countries by geoip using modsecutity

certain prestashop features should only be active for logged in customers

and thank god prestashop is not wordpress
Post automatically merged:

look this
109.207.172.138 - - [08/Mar/2024:09:01:43 +0100] "POST /en//index.php?fc=module&module=supercheckout&controller=supercheckout&ajax=1&method=SaveFilesCustomField HTTP/1.0" 403 199 "-" "python-requests/2.27.1"
 
H

hxcode

Well-known member
Master
Diamond
Elite
Joined
Aug 16, 2020
Messages
3,267
Reaction score
357
Points
83
NullCash
40
Thank you for your reminder. Website security cannot be ignored.
 
R

rol5

Member
XNullUser
Joined
Mar 17, 2022
Messages
113
Reaction score
0
Points
16
NullCash
4
Thank you for your reminder. Website security cannot be ignored.
This is a really big problem.
 
V

vivozivo

Well-known member
Diamond
Elite
Joined
Sep 24, 2019
Messages
1,064
Reaction score
495
Points
83
NullCash
12
Of course you need to be carefull with all modules downloaded from this forum, but be carefull also with modules downloaded from official Prestashop addons. Check all modules with antimalware and anti virus, and this is not enough, use always active protections on the host and site.

Reason why will someone attack Prestashop installation is always "stealing traffic", they can quicly monetise traffic, even two days is enough for them if the shop have high traffic. They will just redirect visitors (all your traffic) to different location. Sometimes they just want to send spam mail messages (fishing).

I only once downloaded content from this forum "infected" with malware, and reported imidiately this post, and "infected" post was removed the same day.
 
Last edited:
A

amitecosini

Member
XNullUser
Joined
Oct 11, 2023
Messages
99
Reaction score
4
Points
8
Location
US
NullCash
56
i think normal people was not think this issue or problem ,maybe you need to pay for fixed it
 
javialbox

javialbox

Well-known member
Master
Diamond
Elite
Joined
May 23, 2020
Messages
462
Reaction score
1,717
Points
93
NullCash
2,353
Coolt said:
Be crefull there is a hacker ho try to hack the "super checkout module" through vulnerabilities with php:

1- Try to check your logs, you must retrieve a user agent called "python"
2- Check your module files through ftp

- Files/path witch he try to access:

?fc=module&module=supercheckout&controller=supercheckout&ajax=1&method=SaveFilesCustomField

and

/modules/supercheckout/views/img/upload/1709889405_2024x2024x_xsamxadoo.php.php


=> Examine any file that you are unsure of, and look for code changes to existing files, especially php files.
Click to expand...
Thanks for your information. You reported it to the module developers, right? To check the possible holes...This module has always had serious problems.
 
C

cmrcmr

Well-known member
Master
Diamond
Elite
XNullUser
Joined
Sep 6, 2019
Messages
914
Reaction score
612
Points
93
NullCash
4,162
Gracias por comentar esta vulnerabilidad :)
 
S

slavi_946

Member
XNullUser
Joined
Dec 1, 2020
Messages
754
Reaction score
22
Points
18
NullCash
2
Can you please specify exactly what should we do for soemone who has no coding skills and knowledge?
 
deltas

deltas

Well-known member
Master
Diamond
Elite
Joined
Jan 13, 2020
Messages
741
Reaction score
634
Points
93
NullCash
1,640
Thanks for warning, good to know. Gonna check asap
 
ernestg

ernestg

Member
XNullUser
Joined
May 29, 2019
Messages
477
Reaction score
0
Points
16
NullCash
1
thank you the the headsup and warning Prestashop shopowners ;-)
 
unique

unique

Well-known member
Diamond
Elite
XNullUser
Joined
Dec 12, 2020
Messages
1,763
Reaction score
407
Points
83
NullCash
613
thank you the the headsup and warning Prestashop shopowners ;-)
 
E

eskatemp

Member
XNullUser
Joined
May 12, 2020
Messages
128
Reaction score
0
Points
16
NullCash
3
Thank you for reporting this. It is very important to download safety module :)
 
You must log in or register to reply here.
Top