Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeOur CommunityOur CommunityGeneral Discuss...General Discuss...DNN 6.2 and DNN 7.2 Hacked already... HELP ME....DNN 6.2 and DNN 7.2 Hacked already... HELP ME....
Previous
 
Next
New Post
6/19/2014 10:52 AM
 
Armin Rahimian


www.bazaryab.com
Joined: 10/5/2010
Posts: 362
Thank you for all

I got it, I read all documents about it, some developers like Xiao Qi on DNNModoule.com has been changed register human validation by asking a question and typing an answer and some other make new register form on different page and blocked default Register form of DNN and some other people using reCAPTCHA by google and installing special Register Module....

I do same Richard Howells by change "Public" register method to "Verified" Method and also Change Default register page to New page by adding account registration Module and redirect people to register on this page.

I start to test this way and I hope this big problem finish....

But, DNN Corp. should be fix this BIG PROBLEM. it will effected on dnn users thinking. They can use Intelligent mathematical or Picture CAPCHA to stop robots to trace it. for example ask users what is result of 15-3 = ? it means "12" in CAPTCHA answer field.

or using Pictures or other ways....
 
New Post
6/19/2014 11:20 AM
 
Armin Rahimian


www.bazaryab.com
Joined: 10/5/2010
Posts: 362
This way not working.....

I do same this:
1.
Host->Host Settings->Other Settings. Find the 'Enable Request Filters' checkbox and check it. You should see the 'Add New Rule' button appear.
Server Variable : HTTP_URL
Operation : Regex
Match Value : (?<=\?)ctl=register|(?Action : NotFound
Location : (empty)

2.
I make Verified for Registering new account

3.
I make a page with name for example "kindcare register"

4.
I add Account Register module with CAPTCHA

5.
I Redirect Register page to this New page.

FINISH, and I waiting for resault .... you know? AFTER 2 minutes I get New Spammer Registration again.... What is That? !!!!

Please tell me the best way for fix this ..... problem.... I have 100 Website and 30% of them have same problem.... also my website....
 
New Post
6/19/2014 11:28 AM
 
Armin Rahimian


www.bazaryab.com
Joined: 10/5/2010
Posts: 362
Oh my God..... The Host/Extensions page has been Error..... now..... I'm sure DNN 7.2.0 is hacked already:
you can see following error when I click on Extensions of Host Menu:

Error: Extensions is currently unavailable. DotNetNuke.Services.Exceptions.ModuleLoadException: c:\HostingSpaces\kindcare\kindcare.ae\wwwroot\DesktopModules\Admin\AdvancedSettings\LanguagePacks.ascx.cs(87): error CS0433: The type 'ICSharpCode.SharpZipLib.Zip.ZipInputStream' exists in both 'c:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\root\9f44c48d\96dded5e\assembly\dl3\9bc66419\00cbd06e_3eebce01\SharpZipLib.DLL' and 'c:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\root\9f44c48d\96dded5e\assembly\dl3\7f90f2f7\0091fe77_d47fcf01\ICSharpCode.SharpZipLib.DLL' ---> System.Web.HttpParseException: c:\HostingSpaces\kindcare\kindcare.ae\wwwroot\DesktopModules\Admin\AdvancedSettings\LanguagePacks.ascx.cs(87): error CS0433: The type 'ICSharpCode.SharpZipLib.Zip.ZipInputStream' exists in both 'c:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\root\9f44c48d\96dded5e\assembly\dl3\9bc66419\00cbd06e_3eebce01\SharpZipLib.DLL' and 'c:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\root\9f44c48d\96dded5e\assembly\dl3\7f90f2f7\0091fe77_d47fcf01\ICSharpCode.SharpZipLib.DLL' ---> System.Web.HttpCompileException: c:\HostingSpaces\kindcare\kindcare.ae\wwwroot\DesktopModules\Admin\AdvancedSettings\LanguagePacks.ascx.cs(87): error CS0433: The type 'ICSharpCode.SharpZipLib.Zip.ZipInputStream' exists in both 'c:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\root\9f44c48d\96dded5e\assembly\dl3\9bc66419\00cbd06e_3eebce01\SharpZipLib.DLL' and 'c:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\root\9f44c48d\96dded5e\assembly\dl3\7f90f2f7\0091fe77_d47fcf01\ICSharpCode.SharpZipLib.DLL' at System.Web.Compilation.BuildManager.PostProcessFoundBuildResult(BuildResult result, Boolean keyFromVPP, VirtualPath virtualPath) at System.Web.Compilation.BuildManager.GetBuildResultFromCacheInternal(String cacheKey, Boolean keyFromVPP, VirtualPath virtualPath, Int64 hashCode, Boolean ensureIsUpToDate) at System.Web.Compilation.BuildManager.GetVPathBuildResultFromCacheInternal(VirtualPath virtualPath, Boolean ensureIsUpToDate) at System.Web.Compilation.BuildManager.GetVPathBuildResultInternal(VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean throwIfNotFound, Boolean ensureIsUpToDate) at System.Web.Compilation.BuildManager.GetVPathBuildResultWithNoAssert(HttpContext context, VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean throwIfNotFound, Boolean ensureIsUpToDate) at System.Web.UI.BaseTemplateParser.GetReferencedType(VirtualPath virtualPath, Boolean allowNoCompile) at System.Web.UI.BaseTemplateParser.GetUserControlType(VirtualPath virtualPath) at System.Web.UI.MainTagNameToTypeMapper.ProcessUserControlRegistration(UserControlRegisterEntry ucRegisterEntry) at System.Web.UI.BaseTemplateParser.ProcessDirective(String directiveName, IDictionary directive) at System.Web.UI.TemplateControlParser.ProcessDirective(String directiveName, IDictionary directive) at System.Web.UI.TemplateParser.ParseStringInternal(String text, Encoding fileEncoding) --- End of inner exception stack trace --- at System.Web.UI.TemplateParser.ProcessException(Exception ex) at System.Web.UI.TemplateParser.ParseStringInternal(String text, Encoding fileEncoding) at System.Web.UI.TemplateParser.ParseString(String text, VirtualPath virtualPath, Encoding fileEncoding) at System.Web.UI.TemplateParser.ParseFile(String physicalPath, VirtualPath virtualPath) at System.Web.UI.TemplateParser.ParseInternal() at System.Web.UI.TemplateParser.Parse() at System.Web.Compilation.BaseTemplateBuildProvider.get_CodeCompilerType() at System.Web.Compilation.BuildProvider.GetCompilerTypeFromBuildProvider(BuildProvider buildProvider) at System.Web.Compilation.BuildProvidersCompiler.ProcessBuildProviders() at System.Web.Compilation.BuildProvidersCompiler.PerformBuild() at System.Web.Compilation.BuildManager.CompileWebFile(VirtualPath virtualPath) at System.Web.Compilation.BuildManager.GetVPathBuildResultInternal(VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean throwIfNotFound, Boolean ensureIsUpToDate) at System.Web.Compilation.BuildManager.GetVPathBuildResultWithNoAssert(HttpContext context, VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean throwIfNotFound, Boolean ensureIsUpToDate) at System.Web.UI.TemplateControl.LoadControl(VirtualPath virtualPath) at DotNetNuke.UI.ControlUtilities.LoadControl[T](TemplateControl containerControl, String ControlSrc) at DotNetNuke.UI.Modules.WebFormsModuleControlFactory.CreateModuleControl(TemplateControl containerControl, ModuleInfo moduleConfiguration) at DotNetNuke.UI.Modules.ModuleControlFactory.LoadModuleControl(TemplateControl containerControl, ModuleInfo moduleConfiguration) at DotNetNuke.UI.Modules.ModuleHost.LoadModuleControl() --- End of inner exception stack trace ---


are there any Idea?
 
New Post
6/19/2014 11:40 AM
 
cathal connolly


cathal connolly's Avatar

www.cathal.co.uk
Joined: 4/9/2003
Posts: 9676
that is not a "hack" - that's corruption in the asp.net temporary files which rarely happens. Typically it can be resolved by setting the debug flag in web.config to true, saving, visiting a page, then setting debug to false, saving and visiting a page (this causes old, corrupt or out of date assemblies to be "flushed" which typically fixes this)
Buy the new Professional DNN7: Open Source .NET CMS Platform book Amazon US
 
New Post
6/19/2014 11:58 AM
 
Armin Rahimian


www.bazaryab.com
Joined: 10/5/2010
Posts: 362
But How can fix it, I can not Read Web.config

Where I have to add some flags or remove some lines... Isn't there any Fixer module?
 
 Page 2 of 19
Previous123...19Next 
Previous
 
Next
HomeHomeOur CommunityOur CommunityGeneral Discuss...General Discuss...DNN 6.2 and DNN 7.2 Hacked already... HELP ME....DNN 6.2 and DNN 7.2 Hacked already... HELP ME....


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out