• Login
  • Register

DNN Forums

A community discussion page. We're starting from scratch, so...let's get the party started!

is it hack or something what is this bug

You are not authorized to post a reply.
Sort:
Page 1 of 212 > >>


New Member


Posts:1
New Member

    rcenntly i visit some web site made by DNN ..i was redirct another page..i think this is new bug of DNN..if anyone know this exploit please share me ..

    EX::

    http://victorylanes.com/
    http://victorylanes.com/watch/MAX_V_V-Videos-49ers-vs-Rams-Live-Tv-match-03.html

    http://royalzlanes.com/
    http://royalzlanes.com/watch/Video-49ers-vs-Rams-Game-Live-on-P.k.T.v.005.html


     



    Advanced Member


    Posts:179
    Advanced Member

      this sounds like you got hacked. Is there a system.aspx file in the root of your website or any .php file (DNN does not use PHP)?


      New Member


      Posts:5
      New Member

        Is there some one have more info and explanation about this exploit/bug?
        Thanks


        Advanced Member


        Posts:224
        Advanced Member

          Recommendation is to upgrade to the latest version.
          There have been several vulnerabilities over the years like in any CMS, so it is hard to tell what has happend here as it is not clear what version has been attacked in this case.
          Tjep's digital agencyRegards,
          Tycho de Waard

          Tjep's digital agency
          We just love DNN
          https://www.tjeps.com


          Advanced Member


          Posts:179
          Advanced Member

            If you got hacked, it is not sufficient, just to install latest version.
            You need also make sure, there is no backdoor file left, which could be any .aspx, .asp or .php file.


            New Member


            Posts:5
            New Member

              Impossible for me install latest version a lot of modules are incompatible.
              Isn't possible to replace the Rad editor?!?


              Advanced Member


              Posts:224
              Advanced Member

                You can download the CKEditor from https://github.com/DNN-Connect/CKEditorProvider
                Mind you, this does not make your website safe. It is one of the mitigation actions. You can do some more things like not allowing user registration or redirect 404 to homepage.
                Again: this will not make your website safe. If you are unable to upgrade modules, I am more than willing to help think of ways to move forward like replacement modules.
                Tjep's digital agencyRegards,
                Tycho de Waard

                Tjep's digital agency
                We just love DNN
                https://www.tjeps.com


                New Member


                Posts:5
                New Member

                  @Tycho 

                  thanks a lot, is there a guide to follow for replace/install new editor?

                  thanks

                  Fabio



                  Advanced Member


                  Posts:224
                  Advanced Member

                    1. Backup
                    2. Install the editor like any other extension
                    3. Login as host
                    4. Host - HTML Editor manager
                    5. Current provider: select DNNConnectCKE
                    6. Host - extensions
                    7. Tab Providers
                    8. Uninstall RadEditor
                    Tjep's digital agencyRegards,
                    Tycho de Waard

                    Tjep's digital agency
                    We just love DNN
                    https://www.tjeps.com


                    Advanced Member


                    Posts:179
                    Advanced Member

                      depending on the version of your website, you might consider using original CKEditor provider from Ingo (https://github.com/w8tcha/dnnckeditor)
                      You are not authorized to post a reply.
                      Page 1 of 212 > >>

                      These Forums are dedicated to discussion of DNN Platform.

                      For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

                      1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
                      2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
                      3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
                      4. No Flaming or Trolling.
                      5. No Profanity, Racism, or Prejudice.
                      6. Site Moderators have the final word on approving / removing a thread or post or comment.
                      7. English language posting only, please.

                      Would you like to help us?

                      Awesome! Simply post in the forums using the link below and we'll get you started.

                      Get Involved