Jump to content
  • 0
GrzegorzZ

Where from this scanning?

Question

Hello, I just looked into my development server logs and saw [All IPs belong to Prestashop whole 91.240.109.x block]:

 

91.240.109.96 - - [28/Jul/2013:11:19:38 +0200] "GET

91.240.109.88 - - [28/Jul/2013:11:19:39 +0200] "GET

91.240.109.68 - - [28/Jul/2013:11:19:49 +0200] "GET

91.240.109.76 - - [28/Jul/2013:11:19:50 +0200] "GET

91.240.109.121 - - [28/Jul/2013:11:19:59 +0200] "GET

91.240.109.96 - - [28/Jul/2013:11:19:59 +0200] "GET

91.240.109.82 - - [28/Jul/2013:11:20:10 +0200] "GET

91.240.109.72 - - [28/Jul/2013:11:20:11 +0200] "GET

91.240.109.107 - - [28/Jul/2013:11:20:21 +0200] "GET

91.240.109.90 - - [28/Jul/2013:11:20:32 +0200] "GET

91.240.109.120 - - [28/Jul/2013:11:21:06 +0200] "GET

91.240.109.94 - - [28/Jul/2013:11:21:06 +0200] "GET

91.240.109.117 - - [28/Jul/2013:11:21:16 +0200] "GET

91.240.109.125 - - [28/Jul/2013:11:21:16 +0200] "GET

91.240.109.112 - - [28/Jul/2013:11:22:18 +0200] "GET

91.240.109.91 - - [28/Jul/2013:11:22:18 +0200] "GET

91.240.109.89 - - [28/Jul/2013:11:22:28 +0200] "GET

91.240.109.101 - - [28/Jul/2013:11:22:30 +0200] "GET

91.240.109.121 - - [28/Jul/2013:11:52:57 +0200] "GET

91.240.109.120 - - [28/Jul/2013:11:52:57 +0200] "GET

91.240.109.102 - - [28/Jul/2013:11:53:08 +0200] "GET

91.240.109.85 - - [28/Jul/2013:11:53:14 +0200] "GET

91.240.109.122 - - [28/Jul/2013:11:53:53 +0200] "GET

91.240.109.122 - - [28/Jul/2013:11:53:54 +0200] "GET

91.240.109.108 - - [28/Jul/2013:11:54:04 +0200] "GET

91.240.109.75 - - [28/Jul/2013:11:54:07 +0200] "GET

91.240.109.111 - - [28/Jul/2013:13:40:36 +0200] "GET

91.240.109.84 - - [28/Jul/2013:13:40:36 +0200] "GET

91.240.109.103 - - [28/Jul/2013:13:40:46 +0200] "GET

91.240.109.120 - - [28/Jul/2013:13:40:52 +0200] "GET

91.240.109.94 - - [28/Jul/2013:14:04:13 +0200] "GET

91.240.109.110 - - [28/Jul/2013:14:04:13 +0200] "GET

91.240.109.105 - - [28/Jul/2013:14:04:24 +0200] "GET

91.240.109.76 - - [28/Jul/2013:14:04:27 +0200] "GET

91.240.109.81 - - [28/Jul/2013:14:59:43 +0200] "GET

91.240.109.118 - - [28/Jul/2013:14:59:43 +0200] "GET

91.240.109.81 - - [28/Jul/2013:14:59:53 +0200] "GET

91.240.109.105 - - [28/Jul/2013:14:59:56 +0200] "GET

91.240.109.87 - - [28/Jul/2013:15:00:02 +0200] "GET

91.240.109.104 - - [28/Jul/2013:15:00:03 +0200] "GET

91.240.109.119 - - [28/Jul/2013:15:02:20 +0200] "GET

91.240.109.84 - - [28/Jul/2013:15:02:20 +0200] "GET

91.240.109.121 - - [28/Jul/2013:15:02:31 +0200] "GET

91.240.109.112 - - [28/Jul/2013:15:02:35 +0200] "GET

91.240.109.66 - - [28/Jul/2013:15:07:24 +0200] "GET

91.240.109.73 - - [28/Jul/2013:15:07:24 +0200] "GET

91.240.109.102 - - [28/Jul/2013:15:07:34 +0200] "GET

91.240.109.121 - - [28/Jul/2013:15:07:40 +0200] "GET

91.240.109.97 - - [28/Jul/2013:15:25:21 +0200] "GET

91.240.109.72 - - [28/Jul/2013:15:25:21 +0200] "GET

91.240.109.79 - - [28/Jul/2013:15:25:31 +0200] "GET

91.240.109.95 - - [28/Jul/2013:15:25:31 +0200] "GET

91.240.109.101 - - [28/Jul/2013:16:01:31 +0200] "GET

91.240.109.73 - - [28/Jul/2013:16:01:33 +0200] "GET

91.240.109.120 - - [28/Jul/2013:16:01:44 +0200] "GET

91.240.109.86 - - [28/Jul/2013:16:01:44 +0200] "GET

91.240.109.89 - - [28/Jul/2013:16:01:45 +0200] "GET

91.240.109.118 - - [28/Jul/2013:16:01:46 +0200] "GET

91.240.109.65 - - [28/Jul/2013:16:07:56 +0200] "GET

91.240.109.119 - - [28/Jul/2013:16:07:57 +0200] "GET

91.240.109.71 - - [28/Jul/2013:16:08:07 +0200] "GET

91.240.109.73 - - [28/Jul/2013:16:08:08 +0200] "GET

91.240.109.66 - - [28/Jul/2013:16:08:15 +0200] "GET

91.240.109.116 - - [28/Jul/2013:16:08:15 +0200] "GET

91.240.109.109 - - [28/Jul/2013:16:47:48 +0200] "GET

91.240.109.97 - - [28/Jul/2013:16:47:48 +0200] "GET

 

Where from did you get links to my private projects (these are only meant for specific people to see)? They are not meant to be public, yet you take those private links out and scan it?

 

 

+ Why are you taking out my private data?

$return = @file_get_contents('http://api.prestashop.com/partner/premium/set_request.php?iso_country='.strtoupper($isoCountry).'&iso_lang='.strtolower($isoUser).'&host='.urlencode($_SERVER['HTTP_HOST']).'&ps_version='._PS_VERSION_.'&ps_creation='._PS_CREATION_DATE_.'&partner='.htmlentities(Tools::getValue('module')).'&shop='.urlencode(Configuration::get('PS_SHOP_NAME')).'&email='.urlencode($email).'&firstname='.urlencode($firstname).'&lastname='.urlencode($lastname).'&type=home');

 

Which sends you my First and last name and my e-mail. Additionally my shopname etc.

Edited by GacekSSJ4

Share this post


Link to post
Share on other sites

4 answers to this question

Recommended Posts

  • 0

Nope, First of all in install script without any conditional statement to check if I checked any box is submitting my e-mail to newsletter.

 

\install\controllers\console\process.php @ line 116

$params = http_build_query(array(
			'email' => $this->datas->admin_email,
			'method' => 'addMemberToNewsletter',
			'language' => $this->datas->lang,
			'visitorType' => 1,
			'source' => 'installer'
		));
	Tools::file_get_contents('http://www.prestashop.com/ajax/controller.php?'.$params);

e-mail

 

2nd place would be:

\controllers\admin\AdminHomeController.php

 

@line 529 @getBlockPartners method

$content = Tools::file_get_contents('http://api.prestashop.com/partner/premium/get_partners.php?protocol='.$protocol.'&iso_country='.Tools::strtoupper($isoCountry).'&iso_lang='.Tools::strtolower($isoUser).'&ps_version='._PS_VERSION_.'&ps_creation='._PS_CREATION_DATE_.'&host='.urlencode($_SERVER['HTTP_HOST']).'&email='.urlencode(Configuration::get('PS_SHOP_EMAIL')), false, $stream_context);

shop e-mail and all other data

 

@line 623 @ajaxProcessSavePreactivationRequest method

$return = @Tools::file_get_contents('http://api.prestashop.com/partner/premium/set_request.php?iso_country='.strtoupper($isoCountry).'&iso_lang='.strtolower($isoUser).'&host='.urlencode($_SERVER['HTTP_HOST']).'&ps_version='._PS_VERSION_.'&ps_creation='._PS_CREATION_DATE_.'&partner='.htmlentities(Tools::getValue('module')).'&shop='.urlencode(Configuration::get('PS_SHOP_NAME')).'&email='.urlencode($email).'&firstname='.urlencode($firstname).'&lastname='.urlencode($lastname).'&type=home');

 

Firstname, lastname, email + more of Currently logged employee. That means any employee is submitted

Edited by GacekSSJ4

Share this post


Link to post
Share on other sites
  • 0

Yes, Im questioning the same thing, its like prestashop is connected to your administration of your website, by their api http://api.prestashop.com/xml which directly publishes data in your administration itself, is their a way to stop this connection between prestashop and our personnel website.

 

Question isnt their a way to istall prestashop without using their install processes

Share this post


Link to post
Share on other sites

×