0
Welcome Guest! Login
0 items Join Now

Suspicious files or not?

Last Post
Search Topic
    • DeLLiAnO's Avatar
    • DeLLiAnO
    • Sr. Rocketeer
    • Posts: 100
    • Thanks: 1

    Suspicious files or not?

    Posted 4 years 10 months ago
    • Admin Toolz Pro says that the .DS_Store are suspected files because they start with a "." like ".DS_Store"
      Is this an actual file of Rockettheme's Components, or is it suspicious?

      components/com_roksprocket/lib/RokSprocket/.DS_Store
      components/com_roksprocket/lib/.DS_Store


      Here Admin toolz says there is possible PHP injection (obfuscated code) chr(128).chr(131).chr(138).chr(142).chr(154).chr(158)
      libraries/rokcommon/Doctrine/Inflector.php
      more info in secure area, Line 233 string chr(128).chr(131).chr(138).chr(142).chr(154).chr(158)

      Is this original code or changed by a breach?

      kind regards
    • Why are we, so blind to see....
      that the ones we hurt...
      Are you and me
    #1410894
    • MrT's Avatar
    • MrT
    • Preeminent Rocketeer
    • Posts: 101084
    • Thanks: 13481
    • Web Designer/Developer

    Re: Suspicious files or not?

    Posted 4 years 10 months ago
    • Not suspicious, no. ds_store comes from a MAC and the file contents you showed are legitimate too.

      Regards, Mark.
    • Please search forums before posting. Please make sure your post includes the version of the CMS you are using and a link to the problem. Annotations on screenshots can also be helpful to explain problems/goals. Please use the "secure" tab for confidential information.
    #1410901

Time to create page: 0.049 seconds