Tuesday, 31 January 2012

Hack Website Using DNN [Dot Net Nuke] Exploit

Hack Website Using DNN [Dot Net Nuke] Exploit

Using google DORK try to find the vulnerable website.

inurl:"/portals/0"

You can also modify this google dork according to your need & requirement

I have found these 2 website vulnerable to this attack:

http://www.wittur.se/
http://www.bsd405.org/

n00bs can also try both of these websites for testing purpose.

Open the home page and check any image which is located in /portals/0/
Check the location of the image. It should be located in /portals/0/

For e.g. in case of http://www.wittur.se ..the image is located at location- http://www.wittur.se/Portals/0/SHM.jpg

Waaooo it means this website is vulnerable and we can change the front page pic. Now the current image name is SHM.jpg. Rename the new image as SHM.jpg which you want to upload as a proof of you owned the system.

Now here is the exploit

Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx

HOW TO RUN ?

Simply copy paste it as shown below:

www.site.com/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx

You will see the portal where it will ask you to upload. Select the third option File ( A File On Your Site

After selecting the third option, replace the URL bar with below script

javascript:__doPostBack('ctlURL$cmdUpload','')

After running this JAVA script, you will see the option for Upload Selected File. Now select you image file which you have renamed as SHM.jpg & upload here. Go to main page and refresh...BINGGOOOOOOOOOOOO you have hacked the website.


Keywords:learn to hack, facebook hacking software download, gmail hacking, twitter hacking , cmd hacks, tips and Securities, youtube downloader, download youtube download,angry birds free download,how to remove this copy windows not genuine, AHSEC previous year question paper for hs 2nd year, AHSEC 2012 question papers for hs 2nd year and final year, Windows Softwares free download AHSEC sample papers for hs final year, free download youtube downloader, youtube downloader free download, learn free hacking, learn hacking free, customize windows, customize windows 7, customize win 7, free hacking softwares, free hacking softwares download, hacking software free download how to hack, learn hacking, learn how to hack, hacking tips, english songs free download, free english songs download, hollywood songs download, become a hacker,Anti Hacking , Hacking , Learn Hacking , Learn Protection from Hackers, warez , Http Proxy , L1/L2/L3 HTTP Proxies , Fresh HTTP High Anonymous / Anonymous / Transparent Proxies ,4/5 socks proxies , keygens , cracks , cracked softwares , cracked programs , keyloggers , bots , RAT , rootkits , shell scripts , free premium accounts , yahoo boters , yahoo programs , yahoo tutorials , yahoo id maker , yahoo room tools , nimbuzz hacking , flooders , programming , pc protection tutorials , security alets , security tutorials , Exploits , Exploit , hacking,hackware,hackers,hack,cracker,crack,patch,serial,software,forum,vulnerability,application,lounge,white hat,graphics,programming,computer,protection,security,alerts,Networking,server,exploits,myspace,warez,downloads,keygen,keylogger,coding,facebook,orkut,flooders elite team,botnets,exploits, reviews, malicious,reverse engineering, analysis, DDOS, Shell, Protect, taskhost, CMD, Net, Bytes, Kilobytes, Megabytes, Gigabytes, Terrabytes, free support, United Kingdom, United States, Alexa, Google, Yahoo, Baidu, Competition, Tabbed head in MYBB,Tab Head plugin, SEO,cpanel, control panel, Proxy, VPN, Webhosting, Webmaster download free hacking tools, free hacking program, hacking software, largest underground hacker convention, hacking security conference, hacking forum, pen-testing, penetration testing, hacker gathering,skywalk3r, lockpicking, hacker community, goons, computer exploits, zero day vulnerabilities, 0day, robotics, hacker attack, defend against hackers hacking, icq, cryptography, hotmail, trojans, cracks, bo2k,aol, firewall, warez, proxy, trojan, subseven, linux, back orifice, serials, flooding, web board, appz, yahoo, passwords, nuke, credit card, irc, netsphere, wingate, gsm,proxies, password, telnet, exploits, bomber, phreaking, spoof,nuker, crack, nukes, serial, virii, cracking, unscambler,jammer, adult check, crackers, crackz, hack, ip, sniffing, wingates, surf,exploit, nukers, anonymous, hackz, antivirus, net bus, satan,smurf attacks, teardrop, security, keyloggers, port scanner,warfare, spoofers, internet, anonymity, cryptology, pgp, mark zuckerburg, Facebook, facebook hack, facebook hacking software, facebook hacking techniques, website hacking, hack website, website hacking software, website deafcing, web deface, web defacing, email hacking, hack email id, hack email, hack ones email, email hacking software, email bomber, hacking, hackingsart, virus!!

No comments:

Post a Comment