[SOLVED - not an issue] Security issue with encyption key?

Quote

Post by GWShop » Mon May 24, 2021 4:17 am

I found out that someone tried to exploit my site by using the Encryption SSL key through Settings/Server .

How did that happen? The SSP encryption key was not a straightforward line, full of letters. Instead, before that line, I saw that message:
</span>ïd=inpu encryption" class="form-control"

This was copy-pasted around 4 times together with some pre-made text.

So is this a security issue?
GWShop
New member
Posts
79
Joined
Mon May 24, 2021 1:46 am
Top

Re: Security issue with encyption key?

Quote

Post by straightlight » Mon May 24, 2021 9:11 pm

GWShop wrote:
Mon May 24, 2021 4:17 am
 I found out that someone tried to exploit my site by using the Encryption SSL key through Settings/Server .

How did that happen? The SSP encryption key was not a straightforward line, full of letters. Instead, before that line, I saw that message:
</span>ïd=inpu encryption" class="form-control"

This was copy-pasted around 4 times together with some pre-made text.

So is this a security issue?
Correct. However, it can also be caused by an installed extension but is not a bug from the core.

Dedication and passion goes to those who are able to push and merge a project.

Regards,
Straightlight
Programmer / Opencart Tester

straightlight
Legendary Member
Posts
22377
Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON
Top

Re: Security issue with encyption key?

Quote

Post by ADD Creative » Tue May 25, 2021 4:24 am

GWShop wrote:
Mon May 24, 2021 4:17 am
 I found out that someone tried to exploit my site by using the Encryption SSL key through Settings/Server .

How did that happen? The SSP encryption key was not a straightforward line, full of letters. Instead, before that line, I saw that message:
</span>ïd=inpu encryption" class="form-control"

This was copy-pasted around 4 times together with some pre-made text.

So is this a security issue?
How do you know someone tried to exploit your site? Could it not just be your template for the setting page has been corrupted, maybe by an extension?

www.add-creative.co.uk

ADD Creative
Expert Member
Posts
4634
Joined
Sat Jan 14, 2012 1:02 am
Location - United Kingdom
Top

Re: Security issue with encyption key?

Quote

Post by GWShop » Thu Jun 03, 2021 9:59 pm

So it wasn't a hacker.

It was the Greek language file! That very weird.

So anyone that has used Greek translation? Which one shall I download? Something that doesn't have issues.

Thanks.
GWShop
New member
Posts
79
Joined
Mon May 24, 2021 1:46 am
Top

Re: Security issue with encyption key?

Quote

Post by OSWorX » Fri Jun 04, 2021 4:56 pm

GWShop wrote:
Thu Jun 03, 2021 9:59 pm
 So it wasn't a hacker.

It was the Greek language file! That very weird.
One of those many reasons why everyone has to post in his first message,
1. which OpenCart version is used
2. which additonal extensions are used
3. any modifications are used/made
4. which template is used
5. which languages are additonally installed/used

What for do you all think is this here: viewtopic.php?f=176&t=200480

Full Stack Web Developer :: Dedicated OpenCart Development & Support DACH Region
Contact for Custom Work / Fast Support.

User avatar
OSWorX
Guru Member
Posts
7532
Joined
Mon Jan 11, 2010 10:52 pm
Location - Austria
Top
Post Reply
Return to “Security & Server”
Who is online

Users browsing this forum: No registered users and 29 guests