Pages

DotNetNuke Attacks-Hack Website

Hello Friend,today i am going to explain a trick which are very simple in use.By this attacks you hack any website easily compare to any other attacks like SQL Injection and Cross Site Scripting.Like old technique which made by Microsoft same .Net also contain many vulnerability,So here we use this vulnerability for upload our image and file to any DotNetNuke vulnerable site.

So Lets go.

STEP 1: First open your Google Search Page and type below write Dork for found the vulnerable site..

inurl:tabid/1500/default.aspx

or

inurl:/portals/0 site:.com

Note::In place of .com you also use another domain in second Dork.

STEP 2:  Open the site and here you see URL address of site given as for example...

http://abcd.org/tabid/1500/Default.aspx

Change it into

http://abcdorg/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx

Means we add the below line in URL...

 Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx

For example see below pic...




STEP 3: When you done STEP 2 then a new page come like below pic...





STEP 4: On this page choose 3rd option where write "A File On Your Site" see below pic...




STEP 5:  When STEP 4 complete then write in the URL,below write JavaScript code...

javascript:__doPostBack(‘ctlURL$cmdUpload’,’’)


For example see below pic...



STEP 6: When you done STEP 5 then a "BROWSE" option come like below pic...




Here click on the "Browse" option then a window open like below pic which open your system file for Upload.Here choose your TEXT or JPEG file for Upload.




STEP 7:  When you select file then a "Upload Select File" option come like below pic circle,click it.





STEP 7: Your file Upload Successfully.For see your upload file,write on the URL address..

www.sitename.domain-name/portals/0/your-file-name.file-extension


For example see below pic...



When you do it then your Upload file you see.



IF YOU LIKE THIS POST SO GIVEN YOUR COMMENT AND IF YOU LIKE MY WORK SO PLZ FOLLOW MY BLOG.THANKS!

5 comments:

  1. Akash Verma said...:

    best DDN thread i m watch,thanks xD.

  1. Anonymous said...:

    Amazing explanation,i suggest it too everybody.

  1. Kevin brth said...:

    best DNN,Too Expansive knowledge.

  1. Qupin said...:

    Nice post thanks a lot!

  1. Anonymous said...:

    Nice

Post a Comment

Related Posts Plugin for WordPress, Blogger...

Hackarde's Search Engine- Search Hacking Tutorial,Tool and eBook

Loading
 
HACKARDE © 2011 | Designed by HrDe