v1.6-v1.7-v8x Urgent Security vulnerability for those ho installed "Super checkout module" all versions

Coolt

Coolt

Active member
Elite
XNullUser
Joined
Dec 20, 2021
Messages
277
Reaction score
184
Points
43
NullCash
2,257
Be crefull there is a hacker ho try to hack the "super checkout module" through vulnerabilities with php:

1- Try to check your logs, you must retrieve a user agent called "python"
2- Check your module files through ftp

- Files/path witch he try to access:

?fc=module&module=supercheckout&controller=supercheckout&ajax=1&method=SaveFilesCustomField

and

/modules/supercheckout/views/img/upload/1709889405_2024x2024x_xsamxadoo.php.php


=> Examine any file that you are unsure of, and look for code changes to existing files, especially php files.
 
N

noti_italy

Well-known member
Master
Diamond
Elite
XNullUser
Joined
Jan 15, 2022
Messages
550
Reaction score
898
Points
93
NullCash
2,370
thank you for the warning

all modules you install that have upload permission functions
always analyze these functions
There are always open holes for hackers to exploit

Get to know prestashop well and configure the server to be the first blocking front

Always have fal2ban installed and with rules to analyze and ban suspicious traffic

Always have modsecurity installed with rules to block this type of suspicion

I'm in favor of blocking unwanted countries by geoip using modsecutity

certain prestashop features should only be active for logged in customers

and thank god prestashop is not wordpress
Post automatically merged:

look this
109.207.172.138 - - [08/Mar/2024:09:01:43 +0100] "POST /en//index.php?fc=module&module=supercheckout&controller=supercheckout&ajax=1&method=SaveFilesCustomField HTTP/1.0" 403 199 "-" "python-requests/2.27.1"
 
H

hxcode

Well-known member
Master
Diamond
Elite
Joined
Aug 16, 2020
Messages
3,279
Reaction score
360
Points
83
NullCash
39
Thank you for your reminder. Website security cannot be ignored.
 
R

rol5

Member
XNullUser
Joined
Mar 17, 2022
Messages
119
Reaction score
0
Points
16
NullCash
2
Thank you for your reminder. Website security cannot be ignored.
This is a really big problem.
 
V

vivozivo

Well-known member
Diamond
Elite
Joined
Sep 24, 2019
Messages
1,066
Reaction score
495
Points
83
NullCash
12
Of course you need to be carefull with all modules downloaded from this forum, but be carefull also with modules downloaded from official Prestashop addons. Check all modules with antimalware and anti virus, and this is not enough, use always active protections on the host and site.

Reason why will someone attack Prestashop installation is always "stealing traffic", they can quicly monetise traffic, even two days is enough for them if the shop have high traffic. They will just redirect visitors (all your traffic) to different location. Sometimes they just want to send spam mail messages (fishing).

I only once downloaded content from this forum "infected" with malware, and reported imidiately this post, and "infected" post was removed the same day.
 
Last edited:
A

amitecosini

Member
XNullUser
Joined
Oct 11, 2023
Messages
117
Reaction score
4
Points
18
Location
US
NullCash
4
i think normal people was not think this issue or problem ,maybe you need to pay for fixed it
 
javialbox

javialbox

Well-known member
Master
Diamond
Elite
Joined
May 23, 2020
Messages
463
Reaction score
1,720
Points
93
NullCash
2,326
Coolt said:
Be crefull there is a hacker ho try to hack the "super checkout module" through vulnerabilities with php:

1- Try to check your logs, you must retrieve a user agent called "python"
2- Check your module files through ftp

- Files/path witch he try to access:

?fc=module&module=supercheckout&controller=supercheckout&ajax=1&method=SaveFilesCustomField

and

/modules/supercheckout/views/img/upload/1709889405_2024x2024x_xsamxadoo.php.php


=> Examine any file that you are unsure of, and look for code changes to existing files, especially php files.
Click to expand...
Thanks for your information. You reported it to the module developers, right? To check the possible holes...This module has always had serious problems.
 
C

cmrcmr

Well-known member
Master
Diamond
Elite
XNullUser
Joined
Sep 6, 2019
Messages
918
Reaction score
632
Points
93
NullCash
4,279
Gracias por comentar esta vulnerabilidad :)
 
S

slavi_946

Member
XNullUser
Joined
Dec 1, 2020
Messages
763
Reaction score
22
Points
18
NullCash
30
Can you please specify exactly what should we do for soemone who has no coding skills and knowledge?
 
deltas

deltas

Well-known member
Master
Diamond
Elite
Joined
Jan 13, 2020
Messages
750
Reaction score
635
Points
93
NullCash
1,595
Thanks for warning, good to know. Gonna check asap
 
ernestg

ernestg

Member
XNullUser
Joined
May 29, 2019
Messages
477
Reaction score
0
Points
16
NullCash
1
thank you the the headsup and warning Prestashop shopowners ;-)
 
unique

unique

Well-known member
Diamond
Elite
XNullUser
Joined
Dec 12, 2020
Messages
1,799
Reaction score
407
Points
83
NullCash
510
thank you the the headsup and warning Prestashop shopowners ;-)
 
E

eskatemp

Member
XNullUser
Joined
May 12, 2020
Messages
128
Reaction score
0
Points
16
NullCash
3
Thank you for reporting this. It is very important to download safety module :)
 
You must log in or register to reply here.
Top