Learn DNN / DotNetNuke

You need to Register for free and Login to post a message in the forum.

Forum

Forums
Search Forum
Advanced SearchTopicsPosts

Forums > Users Lounge > Everything Else

OH Dirty Word. Help!

Last Post 12/30/2008 10:23 AM by wynnjon. 4 Replies.

Sort:

Check this box to subscribe to this topic.	Prev Next
You are not authorized to post a reply.

Author

Messages

wynnjon

Nuke Active Member
Posts:24

12/23/2008 1:41 PM
OK... I have no idea what's happening, but navigate to http://www.wynnspot.com and click "View Source" in your browser. Scroll to the bottom and you'll see a naughty bunch of HTML code. Have I been attacked by cross-site scripting? What's going on? I'm at a loss... help! Thanks, Jones

wynnjon

Nuke Active Member
Posts:24

12/23/2008 2:40 PM
My hosting provider removed the malicious code. Weird!

Aggiedan97

Nuke Master
Posts:162

12/23/2008 4:24 PM
I checked a brand new localhost copy of core DNN 4.9 and it has the same code at the bottom. I also check a late release of DNN 5 RC2 and it does not contain this code. No worries here!

Lee Sykes
DNN Creative Staff

Nuke Master VI
Posts:4945

12/24/2008 4:41 PM
Did you ask your hosting provider how it happened? It may have been a security leak in the server rather than DNN

Lee Sykes Site Administrator Subscribe to the website : DotNetNuke Video Tutorials : The Skinning Toolkit : DotNetNuke Podcasts Twitter: www.twitter.com/DNNCreative

wynnjon

Nuke Active Member
Posts:24

12/30/2008 10:23 AM
This is what my hosting provider (3Essentials) sent me: Regarding the hyperlinks to other websites inserted within your website files. These links point to websites which are likely distribution sites for malicious code (malware). Depending on which browser is used to visit your site, the links may be hidden or may be visible. We have taken the following actions on your behalf: The attack appears to have modified your default.aspx via FTP, indicating your ftp credentials have been compromised. As such, we have changed your FTP password. Because email is insecure, we are not sending your updated password to you via email. Instead you can retrieve your updated FTP passwords using this knowledgebase article: http://knowledge.3essentials." target="_blank" rel="nofollow">http://knowledge.3essentials.com/web-hosting/article/340/I-forgot-my-Control-Panel-or-FTP-username-and-password.html We placed a backup copy of the affected files into the /private/hacked folder off your FTP root, and then removed the links from the hacked files on your site. With regard to how this can happen, we strongly recommend you review our Security Bulletin for December which discusses this increasingly common attack type, what to look for, and ways to protect yourself and your site. You can find this bulletin at: http://knowledge.3essentials." target="_blank" rel="nofollow">http://knowledge.3essentials.com/web-hosting/article/675/Security-Bulletin-December-2008.html Please feel free to reply if you have any questions.

You are not authorized to post a reply.

Forums > Users Lounge > Everything Else

Latest Forum Posts

Can you Run Xcode in Linux? by Aman Singh

Can you Run Xcode in Linux?

Can you Run Xcode in Linux? by Aman Singh

Can you Run Xcode in Linux?

Billed for subscription that was canceled by Ryan

I was just billed for a subscription that was canc eled / inactivetive how do I get a refund for th

Meta Title and Meta Description are not showing properly by DNN User

Hi, On my site the meta title and meta descriptions are not showing properly. It's showing the m

Search is not functioning properly by DNN User

Site: https://www.prv-engineering.co.uk/search If I search any item only the 1st option under sea

Search is not functioning properly by DNN User

Site: https://www.prv-engineering.co.uk/search If I search any item only the 1st option under sea

DNN Platform import site optio by Melanie Weaver

Is it possible to import site template in DNN Platform 8.0? We have internal Evoq Content 8.1 tha

Events Module for DNN V5? by Tugboat

Would anyone have a download link for the version 5.0.3 Events Module? Thanks!

"Ghost" TabID Number? by Tugboat

Hi! I have a portal instance with multiple child portals and on one of the child portals, there i

RE: DNN Load Testing by ayman sharkawy

Hi. Have you already implemented a site using the DNN . And how the performance of the site and its

Publish All Pages by NSUOK

I'm using DNN Evoq Content Basic 8.2.0. When I make the HTML Pro module display on all pages, I h

Simpler profile needed in 9.2.2 by Donald

We are upgrading a DNN 4.8.4 site to DNN 9.2.2. On 4.8.4, the top bar shows the user’s name. If yo

How to link from dnnmodal popup to web site page? by Donald

Hello all. I am using a dnnmodal.show popup. The popup works correctly, showing the content that I

RE: Document Collaboration by Nick Davern

That feature would be super beneficial for our needs as well! Does anyone have an update as to if th

RE: DNN 9.2, how to set default theme? by Andy Stephenson DNN Creative

you do that under "Manage/Themes". Note the highlight blue border around the default container and d

DNN 9.2, how to set default theme? by Donald

Please disregard, found Manage Themes I cannot find how to set a default portal theme in DNN 9.2

RE: Looking for DataSprings Dynamic Forms by Andy Stephenson DNN Creative

Your best chance would be to contact Chad Nash @ http://www.datasprings.com/

Looking for DataSprings Dynamic Forms by Jakir HM

Looking for DataSprings Dynamic Forms 3.4 for DNN 4.x 5.x for my site (https://themasters2018s.com/)

RE: Help with Cycle Image Carousel not displaying images by peter

I had the same problem with the Will Strohl Content Slider after upgrading to DNN 9.1 The above an

RE: Object reference not set to an instance of an object by Andy Stephenson DNN Creative

Check this one might be useful: http://www.dnnsoftware.com/answers/im-tryin-to-move-my-site-to-pr

Used
By

Testimonials

| The SoloCoder Podcast | Google | Privacy Statement | Terms Of Use