DotNetNuke Forums
 
New Post 6/20/2006 9:47 AM
User is offline Steven Provencher
74 posts
www.code5systems.com
10th Ranked




MS France Site Defacement  
(Modified By Steven Provencher on 6/20/2006 11:48:56 AM)

Anybody heard anything about this?

http://blog.washingtonpost.com/securityfix/2006/06/microsoft_site_defacement_spur_1.html


Steve
---------------------------
form Master
form Creation Module
Code 5 Systems, LLC.
 
New Post 6/20/2006 10:37 AM
User is offline Mariette Knap
795 posts
www.smallbizserver.net
7th Ranked




Re: MS France Site Defacement  
Yes, I would really like to know what kind of hack that was. If there is a hole in IIS we need to know that now. I have been monitoring my site closely since yesterday, among other sites, but I have not seen anything special going on. I know how to make real good bloopers in the configuration of IIS to get your site hacked in minutes so I hope it is a 'user' error that has happened.
Mariëtte Knap
www.smallbizserver.net
 
New Post 6/20/2006 11:01 AM
User is offline cathal connolly
2757 posts
www.cathal.co.uk
5th Ranked










Re: MS France Site Defacement  

We're following up on this to see what the issue is, as a number of the facts are conflicting (i.e. the hacker has predominantly attacked asp sites, and non-dotnetnuke sites). Once I have the definitive facts I'll post back here.

Cathal

 
New Post 6/20/2006 11:03 AM
User is offline Edward Beck
190 posts
9th Ranked


Re: MS France Site Defacement  
This looks a lot like the old default.html or index.html hack. There were similar posts on this a few months back here on DNN.
 
New Post 6/20/2006 2:11 PM
User is offline Alper Celik
1 posts
10th Ranked


Re: MS France Site Defacement  

According to site zone-h.org it has been hacked using a 0day vulnerability in DotNetNuke.

http://www.zone-h.org/content/view/4770/31/

 
New Post 6/20/2006 3:44 PM
User is offline Deji Ak
3 posts
10th Ranked


Re: MS France Site Defacement  

I think it's more an exploitation of some of the unsafe modules that are popping up to support DNN. I remember something about this with NewBlog last year, and, IIRC, Hans-Peter promised to fix it.

This is not a knock on HP, per se, but it should be pointed out that NewBlog is still not "fixed". Lack of input sanitation in many of the modules will make wider adoption of DNN difficult, especially in light of this Microsoft defacement and the accompanying Zone-H report that specifically mentioned dotnetnuke.

Once the news spreads, DNN will see more probes from the curious and the malicious. Unless we do something NOW, the end result will not be pleasant. As the "MS France Hacker" has shown, you don't need a lot of brain power to cause havoc, and you certainly need no programming skills to see that some DNN modules are sitting ducks.

BTW, I have no programming skills to brag about, but I have screen shots of unsanitized input XSS in a specific DNN module.

 