Jump to content

Recently Uploaded CGI scripts that send SPAMS?

hurray
 Share

Recommended Posts

hurray Apprentice

hurray

Posted
Posted (edited)

I got an email from my hosting company about Recently Uploaded CGI scripts. When I contacted them they said someone had accessed my server and had added scripts to send SPAMs.

I don't know how to read scripts, so can you please tell me if this is a security issue or is it just prestashop scripts?

Thanks.

 

Here's the email:

---------------------------------------------------------

 

Note: If this is the first time you received this mail, it contains the history for the entire month so far.

Below are the recently upload scripts that contain code to send email. You may wish to inspect them to ensure they are not sending out SPAM.

/home/savdanac/public_html/rev/modules/referralprogram/controllers/front/email.php:50:
/home/savdanac/public_html/rev/modules/referralprogram/controllers/front/email.php:51: $file = file_get_contents(dirname(__FILE__).'/../../mails/'.strval(preg_replace('#\.{2,}#', '.', Tools::getValue('mail'))));
/home/savdanac/public_html/rev/modules/referralprogram/controllers/front/email.php:52:
---
/home/savdanac/public_html/rev/translations/en/admin.php:951: $_LANGADM['AdminEmails9d4a3b80ad4ab2775e48d2b9be9d2a25'] = 'Never send emails (may be useful for test purpose)';
/home/savdanac/public_html/rev/translations/en/admin.php:952: $_LANGADM['AdminEmails5acb0e4c7b605832a003f5e5fd563a78'] = 'Use PHP mail() function. Recommended; works in most cases';
/home/savdanac/public_html/rev/translations/en/admin.php:953: $_LANGADM['AdminEmailsfd304ecc43446476fd981bb6b4f41f7f'] = 'Set my own SMTP parameters. For advanced users ONLY';
---
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:3: /**
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:4: * Swift Mailer mail() sending plugin
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:5: * Please read the LICENSE file
---
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:15: /**
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:16: * Swift mail() send plugin
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:17: * Sends the message using mail() when a SendEvent is fired. Using the NativeMail connection provides stub responses to allow this to happen cleanly.
---
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:38: /**
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:39: * 5th parameter in mail().
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:40: * @var string
---
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:45: * Constructor.
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:46: * @param string 5th mail() function parameter as a sprintf() formatted string where %s is the sender.
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:47: */
---
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:53: /**
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:54: * Set the 5th mail() function parameter as a sprintf() formatted string where %s is the sender.
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:55: * @param string
---
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:61: /**
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:62: * Get the 5th mail() function parameter as a sprintf() string.
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:63: * @return string
---
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:108: * @param Swift_Events_SendEvent The event information
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:109: * @throws Swift_ConnectionException If mail() returns false
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:110: */
---
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:159:
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:160: if (!ini_get("safe_mode")) $success = mail($to, $subject, $message, $headers, $params);
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:161: else $success = mail($to, $subject, $message, $headers);
---
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:165: @ini_set("sendmail_from", $original_from);
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:166: throw new Swift_ConnectionException("Sending failed using mail() as PHP's default mail() function returned boolean FALSE.");
/home/savdanac/public_html/rev/tools/swift/Swift/Plugin/MailSend.php:167: }
---
/home/savdanac/public_html/rev/translations/fr/admin.php:951: $_LANGADM['AdminEmails9d4a3b80ad4ab2775e48d2b9be9d2a25'] = 'Ne jamais envoyer d\'e-mails (utile en phase de test)';
/home/savdanac/public_html/rev/translations/fr/admin.php:952: $_LANGADM['AdminEmails5acb0e4c7b605832a003f5e5fd563a78'] = 'Utiliser la fonction mail() de PHP. Recommandé ; fonctionne dans la majorité des cas';
/home/savdanac/public_html/rev/translations/fr/admin.php:953: $_LANGADM['AdminEmailsfd304ecc43446476fd981bb6b4f41f7f'] = 'Utiliser mes propres paramètres SMTP. Pour les experts UNIQUEMENT';
---
/home/savdanac/public_html/rev/translations/fr/admin.php:1506: $_LANGADM['AdminInformation3685800496ee1d4fd5cc25d805589f0e'] = 'Méthode d\'envoi de mail';
/home/savdanac/public_html/rev/translations/fr/admin.php:1507: $_LANGADM['AdminInformation6afd80be051a5ade2bfcc03a0a255697'] = 'Vous utilisez la fonction mail() de PHP';
/home/savdanac/public_html/rev/translations/fr/admin.php:1508: $_LANGADM['AdminInformationcffa72aaebae1bd90bbe1b8d827ecb1c'] = 'Vous utilisez vos paramètres SMTP';
---
/home/savdanac/public_html/rev/translations/fr/errors.php:202: $_ERRORS['3ffd1b6c5e4ab9c98104475480477307'] = 'Aucun bon de livraison trouvé pour cette période';
/home/savdanac/public_html/rev/translations/fr/errors.php:203: $_ERRORS['4f0c0475f4b0b0b2b0def4256b8e2300'] = 'Vous devez spécifier un serveur SMTP et un port SMTP. Si vous ne savez pas comment faire, utilisez la fonction mail() de PHP à la place.';
/home/savdanac/public_html/rev/translations/fr/errors.php:204: $_ERRORS['1f0e23c8f9563f28107b313ca812f3c3'] = 'Aucun profil';
---
/home/savdanac/public_html/tools/swift/Swift/Connection/NativeMail.php:3: /**
/home/savdanac/public_html/tools/swift/Swift/Connection/NativeMail.php:4: * Swift Mailer mail() connection component
/home/savdanac/public_html/tools/swift/Swift/Connection/NativeMail.php:5: * Please read the LICENSE file
---
/home/savdanac/public_html/tools/swift/Swift/Connection/NativeMail.php:15: /**
/home/savdanac/public_html/tools/swift/Swift/Connection/NativeMail.php:16: * Swift mail() Connection
/home/savdanac/public_html/tools/swift/Swift/Connection/NativeMail.php:17: * NOTE: This class is nothing more than a stub. The MailSend plugin does the actual sending.
---
/home/savdanac/public_html/tools/swift/Swift/Connection/NativeMail.php:28: /**
/home/savdanac/public_html/tools/swift/Swift/Connection/NativeMail.php:29: * The 5th parameter in mail() is a sprintf() formatted string.
/home/savdanac/public_html/tools/swift/Swift/Connection/NativeMail.php:30: * @var string
---
/home/savdanac/public_html/tools/swift/Swift/Connection/NativeMail.php:40: * Ctor.
/home/savdanac/public_html/tools/swift/Swift/Connection/NativeMail.php:41: * @param string The 5th parameter in mail() as a sprintf() formatted string where %s is the sender address. This only comes into effect if safe_mode is OFF.
/home/savdanac/public_html/tools/swift/Swift/Connection/NativeMail.php:42: */
---
/home/savdanac/public_html/tools/swift/Swift/Connection/NativeMail.php:56: /**
/home/savdanac/public_html/tools/swift/Swift/Connection/NativeMail.php:57: * Set the 5th parameter in mail() as a sprintf() formatted string. Only used if safe_mode is off.
/home/savdanac/public_html/tools/swift/Swift/Connection/NativeMail.php:58: * @param string
---
/home/savdanac/public_html/tools/swift/Swift/Connection/NativeMail.php:68: /**
/home/savdanac/public_html/tools/swift/Swift/Connection/NativeMail.php:69: * Get the 5th parameter in mail() as a sprintf() formatted string.
/home/savdanac/public_html/tools/swift/Swift/Connection/NativeMail.php:70: * @return string
---
/home/savdanac/public_html/rev/modules/referralprogram/controllers/front/program.php:119: '{discount}' => $discount);
/home/savdanac/public_html/rev/modules/referralprogram/controllers/front/program.php:120: Mail::Send((int)$this->context->language->id, 'referralprogram-invitation', Mail::l('Referral Program', (int)$this->context->language->id), $vars, $friendEmail, $friendFirstName.' '.$friendLastName, strval(Configuration::get('PS_SHOP_EMAIL')), strval(Configuration::get('PS_SHOP_NAME')), NULL, NULL, dirname(__FILE__).'/../../mails/');
/home/savdanac/public_html/rev/modules/referralprogram/controllers/front/program.php:121: $invitation_sent = true;
---
/home/savdanac/public_html/rev/modules/referralprogram/controllers/front/program.php:167: $referralprogram->save();
/home/savdanac/public_html/rev/modules/referralprogram/controllers/front/program.php:168: Mail::Send((int)$this->context->language->id, 'referralprogram-invitation', Mail::l('Referral Program', (int)$this->context->language->id), $vars, $referralprogram->email, $referralprogram->firstname.' '.$referralprogram->lastname, strval(Configuration::get('PS_SHOP_EMAIL')), strval(Configuration::get('PS_SHOP_NAME')), NULL, NULL, dirname(__FILE__).'/../../mails/');
/home/savdanac/public_html/rev/modules/referralprogram/controllers/front/program.php:169: $revive_sent = true;
---
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/NativeMail.php:3: /**
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/NativeMail.php:4: * Swift Mailer mail() connection component
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/NativeMail.php:5: * Please read the LICENSE file
---
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/NativeMail.php:15: /**
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/NativeMail.php:16: * Swift mail() Connection
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/NativeMail.php:17: * NOTE: This class is nothing more than a stub. The MailSend plugin does the actual sending.
---
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/NativeMail.php:28: /**
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/NativeMail.php:29: * The 5th parameter in mail() is a sprintf() formatted string.
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/NativeMail.php:30: * @var string
---
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/NativeMail.php:40: * Ctor.
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/NativeMail.php:41: * @param string The 5th parameter in mail() as a sprintf() formatted string where %s is the sender address. This only comes into effect if safe_mode is OFF.
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/NativeMail.php:42: */
---
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/NativeMail.php:56: /**
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/NativeMail.php:57: * Set the 5th parameter in mail() as a sprintf() formatted string. Only used if safe_mode is off.
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/NativeMail.php:58: * @param string
---
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/NativeMail.php:68: /**
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/NativeMail.php:69: * Get the 5th parameter in mail() as a sprintf() formatted string.
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/NativeMail.php:70: * @return string
---
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/Sendmail.php:66: */
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/Sendmail.php:67: public function __construct($command="/usr/sbin/sendmail -bs", $timeout=10)
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/Sendmail.php:68: {
---
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/Sendmail.php:141: '/usr/bin/sendmail',
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/Sendmail.php:142: '/usr/lib/sendmail',
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/Sendmail.php:143: '/var/qmail/bin/sendmail',
---
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/Sendmail.php:144: '/bin/sendmail',
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/Sendmail.php:145: '/usr/sbin/sendmail',
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/Sendmail.php:146: '/sbin/sendmail'
---
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/Sendmail.php:153: {
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/Sendmail.php:154: $log->add("Falling back to /usr/sbin/sendmail (but it doesn't look good)!");
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/Sendmail.php:155: }
---
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/Sendmail.php:156: //Fallback (swift will still throw an error)
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/Sendmail.php:157: return "/usr/sbin/sendmail";
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/Sendmail.php:158: }
---
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/Sendmail.php:171: {
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/Sendmail.php:172: throw new Swift_ConnectionException("Cannot set sendmail command with no command line flags. e.g. /usr/sbin/sendmail -t");
/home/savdanac/public_html/rev/tools/swift/Swift/Connection/Sendmail.php:173: }
---
/home/savdanac/public_html/tools/swift/Swift/Connection/Sendmail.php:66: */
/home/savdanac/public_html/tools/swift/Swift/Connection/Sendmail.php:67: public function __construct($command="/usr/sbin/sendmail -bs", $timeout=10)
/home/savdanac/public_html/tools/swift/Swift/Connection/Sendmail.php:68: {
---
/home/savdanac/public_html/tools/swift/Swift/Connection/Sendmail.php:141: '/usr/bin/sendmail',
/home/savdanac/public_html/tools/swift/Swift/Connection/Sendmail.php:142: '/usr/lib/sendmail',
/home/savdanac/public_html/tools/swift/Swift/Connection/Sendmail.php:143: '/var/qmail/bin/sendmail',
---
/home/savdanac/public_html/tools/swift/Swift/Connection/Sendmail.php:144: '/bin/sendmail',
/home/savdanac/public_html/tools/swift/Swift/Connection/Sendmail.php:145: '/usr/sbin/sendmail',
/home/savdanac/public_html/tools/swift/Swift/Connection/Sendmail.php:146: '/sbin/sendmail'
---
/home/savdanac/public_html/tools/swift/Swift/Connection/Sendmail.php:153: {
/home/savdanac/public_html/tools/swift/Swift/Connection/Sendmail.php:154: $log->add("Falling back to /usr/sbin/sendmail (but it doesn't look good)!");
/home/savdanac/public_html/tools/swift/Swift/Connection/Sendmail.php:155: }
---
/home/savdanac/public_html/tools/swift/Swift/Connection/Sendmail.php:156: //Fallback (swift will still throw an error)
/home/savdanac/public_html/tools/swift/Swift/Connection/Sendmail.php:157: return "/usr/sbin/sendmail";
/home/savdanac/public_html/tools/swift/Swift/Connection/Sendmail.php:158: }
---
/home/savdanac/public_html/tools/swift/Swift/Connection/Sendmail.php:171: {
/home/savdanac/public_html/tools/swift/Swift/Connection/Sendmail.php:172: throw new Swift_ConnectionException("Cannot set sendmail command with no command line flags. e.g. /usr/sbin/sendmail -t");
/home/savdanac/public_html/tools/swift/Swift/Connection/Sendmail.php:173: }
---
/home/savdanac/public_html/translations/es/admin.php:555: $_LANGADM['AdminEmails765f159ab61b665aca550bd1a767f9d2'] = 'Cuando el cliente envía un mensaje desde la página de pedido';
/home/savdanac/public_html/translations/es/admin.php:556: $_LANGADM['AdminEmailsad3bc3094733fbf7e0a10f0da116b864'] = 'Usar la función mail() de PHP. Recomendado en la mayoría de los casos';
/home/savdanac/public_html/translations/es/admin.php:557: $_LANGADM['AdminEmailsfd304ecc43446476fd981bb6b4f41f7f'] = 'Establecer mis propios parámetros SMTP. Sólo usuarios AVANZADOS';
---
/home/savdanac/public_html/translations/fr/admin.php:555: $_LANGADM['AdminEmails765f159ab61b665aca550bd1a767f9d2'] = 'Lorsqu\'un client envoie un message depuis sa page de commande';
/home/savdanac/public_html/translations/fr/admin.php:556: $_LANGADM['AdminEmailsad3bc3094733fbf7e0a10f0da116b864'] = 'Utiliser la fonction mail() de PHP. Recommandé dans la plupart des cas';
/home/savdanac/public_html/translations/fr/admin.php:557: $_LANGADM['AdminEmailsfd304ecc43446476fd981bb6b4f41f7f'] = 'Utiliser mes propres paramètres SMTP. Pour les experts UNIQUEMENT';
---
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:3: /**
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:4: * Swift Mailer mail() sending plugin
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:5: * Please read the LICENSE file
---
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:15: /**
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:16: * Swift mail() send plugin
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:17: * Sends the message using mail() when a SendEvent is fired. Using the NativeMail connection provides stub responses to allow this to happen cleanly.
---
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:38: /**
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:39: * 5th parameter in mail().
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:40: * @var string
---
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:45: * Constructor.
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:46: * @param string 5th mail() function parameter as a sprintf() formatted string where %s is the sender.
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:47: */
---
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:53: /**
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:54: * Set the 5th mail() function parameter as a sprintf() formatted string where %s is the sender.
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:55: * @param string
---
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:61: /**
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:62: * Get the 5th mail() function parameter as a sprintf() string.
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:63: * @return string
---
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:108: * @param Swift_Events_SendEvent The event information
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:109: * @throws Swift_ConnectionException If mail() returns false
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:110: */
---
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:159:
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:160: if (!ini_get("safe_mode")) $success = mail($to, $subject, $message, $headers, $params);
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:161: else $success = mail($to, $subject, $message, $headers);
---
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:165: @ini_set("sendmail_from", $original_from);
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:166: throw new Swift_ConnectionException("Sending failed using mail() as PHP's default mail() function returned boolean FALSE.");
/home/savdanac/public_html/tools/swift/Swift/Plugin/MailSend.php:167: }

Edited by hurray (see edit history)
Link to comment
Share on other sites
  • 1 year later...
 Share
Go to topic listing
×
×
  • Create New...