DNN Security Leak Bypassing Dynamic Registration

We found a workaround for this!

Author: Anonym/Thursday, May 22, 2014/Categories: In The Flow

We've come across a situation that we want to share with you. Several customers using Dynamic Registration found that people were able to bypass it and reach the standard DNN registration form, which lacks the extended fields. Apparently this was done by simply appending "?ctl=register" to the page URL. Here's a workaround that was helpful to one of our clients (thanks, Bob!).


If you are using IIS 7 (integrated pipeline), you can use IIS request filtering to reject the query string by adding the following to web.config.

Go to Host / Configuration Manager:

Locate the <system.webServer> section of web.config and paste in the following near the end of that section. Before editing, copy the entire contents of web.config into Notepad (or another editor), make the change there, then paste everything back. Also keep a backup copy of the web.config file itself on the server, because a malformed web.config takes the whole site down.

<security>
    <requestFiltering>
        <denyQueryStringSequences>
            <add sequence="ctl" />
        </denyQueryStringSequences>
    </requestFiltering>
</security>

In context, the <system.webServer> section of the client's web.config looked like this after the change (your module and handler list will differ):

<!-- The system.webServer section is required for IIS7 compatability It is ignored by IIS6-->
  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true">
      <!--add name="RequestFilter" type="DotNetNuke.HttpModules.RequestFilter.RequestFilterModule, DotNetNuke.HttpModules" preCondition="managedHandler" /-->
      <add name="UrlRewrite" type="iFinity.DNN.Modules.UrlMaster.UrlRewriteModule, iFinity.UrlMaster.FriendlyUrlProvider" preCondition="managedHandler" />
      <!--add name="UrlRewrite" type="DotNetNuke.HttpModules.UrlRewriteModule, DotNetNuke.HttpModules" preCondition="managedHandler" /-->
      <add name="MobileRedirect" type="DotNetNuke.HttpModules.MobileRedirectModule, DotNetNuke.HttpModules" preCondition="managedHandler" />
      <add name="Exception" type="DotNetNuke.HttpModules.Exceptions.ExceptionModule, DotNetNuke.HttpModules" preCondition="managedHandler" />
      <add name="UsersOnline" type="DotNetNuke.HttpModules.UsersOnline.UsersOnlineModule, DotNetNuke.HttpModules" preCondition="managedHandler" />
      <add name="DNNMembership" type="DotNetNuke.HttpModules.Membership.MembershipModule, DotNetNuke.HttpModules" preCondition="managedHandler" />
      <add name="Personalization" type="DotNetNuke.HttpModules.Personalization.PersonalizationModule, DotNetNuke.HttpModules" preCondition="managedHandler" />
      <add name="Analytics" type="DotNetNuke.HttpModules.Analytics.AnalyticsModule, DotNetNuke.HttpModules" preCondition="managedHandler" />
      <add name="Services" type="DotNetNuke.HttpModules.Services.ServicesModule, DotNetNuke.HttpModules" />
      <remove name="UrlRoutingModule-4.0" />
      <add name="UrlRoutingModule-4.0" type="System.Web.Routing.UrlRoutingModule" preCondition="" />
      <add name="RadUploadModule" type="Telerik.Web.UI.RadUploadHttpModule, Telerik.Web.UI" preCondition="managedHandler" />
      <add name="Detector" type="FiftyOne.Foundation.Mobile.Detection.DetectorModule, FiftyOne.Foundation" preCondition="managedHandler" />
      <add name="ClientDependencyModule" type="ClientDependency.Core.Module.ClientDependencyModule, ClientDependency.Core" />
    </modules>
    <handlers>
      <remove name="WebServiceHandlerFactory-Integrated" />
      <add name="LogoffHandler*" path="Logoff.aspx" verb="*" type="DotNetNuke.Services.Authentication.LogOffHandler, DotNetNuke" preCondition="integratedMode" />
      <add name="RSSHandler" path="RSS.aspx" verb="*" type="DotNetNuke.Services.Syndication.RssHandler, DotNetNuke" preCondition="integratedMode" />
      <add name="LinkClickHandler" path="LinkClick.aspx" verb="*" type="DotNetNuke.Services.FileSystem.FileServerHandler, DotNetNuke" preCondition="integratedMode" />
      <add name="CaptchaHandler" path="*.captcha.aspx" verb="*" type="DotNetNuke.UI.WebControls.CaptchaHandler, DotNetNuke" preCondition="integratedMode" />
      <add name="UserProfilePageHandler" path="User.aspx" verb="*" type="DotNetNuke.Services.UserProfile.UserProfilePageHandler, DotNetNuke" preCondition="integratedMode" />
      <add name="RadProgressHandler" verb="*" path="Telerik.RadUploadProgressHandler.ashx" type="Telerik.Web.UI.Upload.RadUploadProgressHandler, Telerik.Web.UI" preCondition="integratedMode" />
      <add name="UserProfilePicHandler" path="ProfilePic.ashx" verb="*" type="DotNetNuke.Services.UserProfile.UserProfilePicHandler, DotNetNuke" preCondition="integratedMode" />
      <remove name="ExtensionlessUrl-Integrated-4.0" />
      <add name="ExtensionlessUrl-Integrated-4.0" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
      <add name="SitemapHandler" path="Sitemap.aspx" verb="*" type="DotNetNuke.Services.Sitemap.SitemapHandler, DotNetNuke" preCondition="integratedMode" />
      <add name="Telerik.Web.UI.WebResource" verb="*" path="Telerik.Web.UI.WebResource.axd" type="Telerik.Web.UI.WebResource, Telerik.Web.UI" preCondition="integratedMode" />
      <add name="Telerik.Web.UI.ChartHttpHandler" verb="*" path="ChartImage.axd" type="Telerik.Web.UI.ChartHttpHandler, Telerik.Web.UI, Culture=neutral, PublicKeyToken=121fae78165ba3d4" />
      <add name="LanapCaptcha" verb="*" path="LanapCaptcha.aspx" type="Lanap.BotDetect.CaptchaHandler, Lanap.BotDetect" />
      <add name="SitemapHandler1" verb="*" path="DataSpringsSiteMap.axd" type="iFinity.DNN.Modules.GoogleSiteMap.GoogleSiteMapHandler, iFinity.DNN.GoogleSiteMapProvider" preCondition="integratedMode,runtimeVersionv4.0" />
      <add name="HtmTemplateFileHandler" verb="*" path="*.htmtemplate" type="DotNetNuke.Providers.RadEditorProvider.HtmTemplateFileHandler, DotNetNuke.RadEditorProvider" preCondition="integratedMode" />
      <add name="ClientDependencyHandler" verb="*" path="DependencyHandler.axd" type="ClientDependency.Core.CompositeFiles.CompositeDependencyHandler, ClientDependency.Core" preCondition="integratedMode" />
      <remove name="BotDetectCaptchaHandler" />
      <add name="BotDetectCaptchaHandler" preCondition="integratedMode" verb="GET" path="BotDetectCaptcha.ashx" type="BotDetect.Web.CaptchaHandler, BotDetect" />
    </handlers>
    <validation validateIntegratedModeConfiguration="false" />
    <security>
      <requestFiltering>
        <denyQueryStringSequences>
          <add sequence="ctl" />
        </denyQueryStringSequences>
      </requestFiltering>
    </security>
  </system.webServer>

With this in place IIS rejects any request whose query string contains "?ctl=register" before it reaches DNN (the response is a 404, substatus 404.18, "query string sequence denied").

Note that the rule matches the sequence "ctl" as a substring anywhere in the query string, not just "ctl=register". It will therefore also block "?ctl=Login", "?ctl=SendPassword", "?ctl=Edit" and any other DNN control URL, as well as unrelated query strings that happen to contain those three letters. Request filtering only inspects the query string, so also check how your friendly URL provider renders the Register link: if it appears as a path segment rather than a query parameter, this rule will not see it.
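To predict what a request filtering rule set will and will not stop before touching a production web.config, the following Python models how the IIS request filtering module applies these sequence rules to a request. This is an added example, not code from the original post, from Data Springs, or from DNN. It parses the denyQueryStringSequences and denyUrlSequences entries from a <system.webServer> fragment and applies each as a substring match against the raw and the percent-decoded query string (the two passes IIS makes with the default unescapeQueryString="true") and against the decoded path. Assumptions: matching is modeled as case-insensitive (confirm against your IIS version); the NARROW_RULE fragment and the probe URLs, including the DNN path-form URL /Home/tabid/55/ctl/Register/Default.aspx, are constructed for illustration, so check what your own URL provider actually renders.

```python
"""Offline model of IIS request filtering sequence rules (added example).

Denied query strings get HTTP 404.18 on IIS, denied URL sequences 404.5.
Case-insensitive matching is an assumption of this model.
"""
from urllib.parse import unquote, urlsplit
import xml.etree.ElementTree as ET

# The rule from the post: any query string containing "ctl".
POST_RULE = """
<system.webServer>
  <security>
    <requestFiltering>
      <denyQueryStringSequences>
        <add sequence="ctl" />
      </denyQueryStringSequences>
    </requestFiltering>
  </security>
</system.webServer>
"""

# A narrower alternative (constructed, not from the post): only the Register
# control, in both its query-string and path-segment forms.
NARROW_RULE = """
<system.webServer>
  <security>
    <requestFiltering>
      <denyQueryStringSequences>
        <add sequence="ctl=register" />
      </denyQueryStringSequences>
      <denyUrlSequences>
        <add sequence="/ctl/register" />
      </denyUrlSequences>
    </requestFiltering>
  </security>
</system.webServer>
"""

# Constructed probe URLs: the original bypass, case and encoding variants,
# a collateral hit inside an unrelated word, and a DNN path-form URL.
PROBES = [
    "/Default.aspx?tabid=55&ctl=Register",
    "/Default.aspx?tabid=55&CTL=register",
    "/Default.aspx?tabid=55&%63tl=Register",      # 'c' percent-encoded
    "/Default.aspx?tabid=55&ctl=Login",
    "/Default.aspx?tabid=55&q=directly",           # "ctl" inside another word
    "/Home/tabid/55/ctl/Register/Default.aspx",    # ctl as a path segment
    "/Home/tabid/55/Default.aspx",
]


def load_rules(fragment):
    """Extract denied query-string and URL sequences from a web.config fragment."""
    root = ET.fromstring(fragment)
    rf = root.find("./security/requestFiltering")
    if rf is None:
        raise ValueError("no <security><requestFiltering> element found")
    return {
        "query": [a.get("sequence", "") for a in rf.findall("denyQueryStringSequences/add")],
        "url": [a.get("sequence", "") for a in rf.findall("denyUrlSequences/add")],
    }


def filter_request(url, rules):
    """Return '404.5', '404.18' or 'pass' for a request URL under the rules."""
    parts = urlsplit(url)
    path = unquote(parts.path).lower()
    for seq in rules["url"]:
        if seq and seq.lower() in path:
            return "404.5"                     # URL sequence denied
    # IIS scans the raw query string first, then the percent-decoded one.
    for qs in (parts.query, unquote(parts.query)):
        qs = qs.lower()
        for seq in rules["query"]:
            if seq and seq.lower() in qs:
                return "404.18"                # query string sequence denied
    return "pass"


def evaluate(fragment, probes=PROBES):
    """Map each probe URL to its modeled outcome under the given fragment."""
    rules = load_rules(fragment)
    return {p: filter_request(p, rules) for p in probes}


if __name__ == "__main__":
    for name, fragment in (("post rule", POST_RULE), ("narrow rule", NARROW_RULE)):
        print(name)
        for url, verdict in evaluate(fragment).items():
            print(f"  {verdict:7} {url}")
```

Run it and compare the two columns: the post's rule stops every probe that carries a query string, including ctl=Login and the harmless q=directly, but passes the path-form URL untouched, while the narrower rule stops only the Register control in both shapes. Whatever rule set you settle on, send the same probe list at the real site with curl and confirm the 404 substatus in the IIS log before relying on it.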

Thanks!

