Jump to content

Security issue - Mega Menu

apollux

By apollux
in General topics

 Share

Recommended Posts

apollux Contributor

apollux

Posted
Posted

Hello guys,

It just came to my attention that the module for which I have paid entitled very "responsive" Mega Menu is in fact missing some lines in the EVAL.Php function, thus generating a backdoor for Obfuscation.F Trojan, which adds permits the hacker to access the header, thus the file system and to add a b374k.php backdoor.

Did this happen to anyone before?

Link to comment
Share on other sites
joseantgv Proficient

joseantgv

Posted
Posted
1 hour ago, inowgsm said:

Hello guys,

It just came to my attention that the module for which I have paid entitled very "responsive" Mega Menu is in fact missing some lines in the EVAL.Php function, thus generating a backdoor for Obfuscation.F Trojan, which adds permits the hacker to access the header, thus the file system and to add a b374k.php backdoor.

Did this happen to anyone before?

Have you purchased these modules in Addons?

Link to comment
Share on other sites
prestowicz Newbie

prestowicz

Posted
Posted
1 hour ago, inowgsm said:

Hello guys,

It just came to my attention that the module for which I have paid entitled very "responsive" Mega Menu is in fact missing some lines in the EVAL.Php function, thus generating a backdoor for Obfuscation.F Trojan, which adds permits the hacker to access the header, thus the file system and to add a b374k.php backdoor.

Did this happen to anyone before?

Hi,

do you mean this theme ? https://waterthemes.com/neutral/14-home-appliances-prestashop-theme.html I have a theme module with the same mega menu functionality i guess (it's name is : WT Megamenu v1.1.0

But I don't have any eval string in the filenames or contet.

Maybe you got hit by some other backdor or outdated module or FTP password manager leak.

 

Link to comment
Share on other sites
apollux Contributor

apollux

Posted
  • Author
Posted
1 hour ago, prestowicz said:

Hi,

do you mean this theme ? https://waterthemes.com/neutral/14-home-appliances-prestashop-theme.html I have a theme module with the same mega menu functionality i guess (it's name is : WT Megamenu v1.1.0

But I don't have any eval string in the filenames or contet.

Maybe you got hit by some other backdor or outdated module or FTP password manager leak.

 

Thank you so much for your useless information. No, I wasn't "hit" by another "contet". Also, your WT Megamenu V1.1.0 is not the same as Responsive Mega Menu Pro which is listed on the Addons Prestashop and under Envato's ThemeForrest. I do appreciate the fact that you took the time to advertise your website and took time to add even HTTPS so it won't let Google quote without :).

 

Short notice: GO away. And yeah, I can read logs and yeah, I've been learning Linux for the past 20 years. I know a breach when I see one, also Smart Blog is hacked, also Every Other time of Forum thing from Prestashop is vulnerable to b374k.php

 

So, my little friend, go and learn Php the way it should be learned. See that you have a Github link and you can learn this method which works only on Prestashop.

 

Thank you and stop messaging here as I do not want your resolution.

Link to comment
Share on other sites
razaro Proficient

razaro

Posted
Posted

Yes there was some security issues in 2016 mostly with themes and Addons from ThemeForest but some native modules too

here is one topic 

other that explained bit more have been deleted.

In short modules that have some upload options, usually images got security issue.

Do read http://iqit-commerce.com/securityhotfix/ guide have good description how to find and clean

all files. Some users also had issues if that if Wordpress or Drupal was on same server and those were

initially hacked.

 

And inowgsm do try to be polite to other users, people try to help how ever they can.

 

Link to comment
Share on other sites
apollux Contributor

apollux

Posted
  • Author
Posted
2 minutes ago, th0riz0 said:

Same issue here, same responsive mega menu, and same b374k.php exploit... A shame we paid for this module...

I know. Weird is that an idiot above called me stupid before even checking facts. Envato closed the contributer account due to this backdoor. I even have an email with confirmation and server logs as a proof.

 

buuut, Prestashop doesn't give a rats ass about its users! Gj Presta! We love u! 👌🏼

Link to comment
Share on other sites
PrestaHeroes USA Mentor

PrestaHeroes USA

Posted
Posted (edited)

 

On 11/20/2018 at 6:24 AM, inowgsm said:

Hello guys,

It just came to my attention that the module for which I have paid entitled very "responsive" Mega Menu is in fact missing some lines in the EVAL.Php function, thus generating a backdoor for Obfuscation.F Trojan, which adds permits the hacker to access the header, thus the file system and to add a b374k.php backdoor.

Did this happen to anyone before?

Hi remember this is a community where we share.  it would be great if you could provide the detail and fix for other community members and then go chase down the developer for less positive karma remarks.  We need community members with skillz and you say you have them,  show us! lol 

Also to be perfectly honest buying a megamenu is so PS 1.4.  All high quality themes now come with built in menu systems and loads of other features so rarely is there reason to buy a stand alone module for base shops.  Also we never buy from anywhere but addon's anymore as dev keep those up to date but may no on 3rd party resellers.  

so show us your mad skillz and how to fix and you can go beat the dev around the head and neck as  you please.

Edited by El Patron (see edit history)
  • Like 2
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...