Hacked asp.net dnn site

0 投票
最新提问 用户: (120 分)

I'm have dotNetNuke website. Somebody upload "i.htm" file to my website files folder. In file wrote about "Mr.Kro0oz.305". I'm can't understand how can be done that. So you hove some versions how can do it by hackers? Also how can set my server more secure?

发表于 用户: (140 分)
Do you have an upload functionality in your site, maybe for a profile picture? Does DNN have such a feature that a user (with DNN experience) might access, even though you don't have a specific page for it? Try and make sure a user can only upload specific file types.
发表于 用户: (120 分)
The file which is uploaded by hacker in wwwroot -> site root folder. Also in site there are uploads parts. Also I have watched some videos where Mr.Kro0oz.305 hacking sites using some shell command in linux.
发表于 用户: (220 分)
Which folder? The root, /Portals, /Portals/{PortalID}. But at least change all your Admin, Host & FTP passwords.
发表于 用户: (220 分)
While DNN could be at fault here, many times this is due to a vulnerability in IIS or Windows that you haven't closed with the proper windows updates.
发表于 用户: (120 分)
The file in this path: D:\inetpub\wwwroot\fsm\i.htm. In this server don't set FTP. I don't now where is my mistake, may be it come from IIS or windows update. But I think that hacker all done using linux commands to upload, changing or removing files.

登录 或者 注册 后回答这个问题。

欢迎来到 Security Q&A ,有什么不懂的可以尽管在这里提问,你将会收到社区其他成员的回答。