How To Perform a DNN(DotNetNuke) Exploit
To Start this we are going to use a google dork located bellow so just put it in google and search, and just click any link most of them are vuln.
Here's a picture for people that do not understand
Okay I found a Vuln link when you find yours it should open up and look like the picture bellow.
![[Image: 45wens.jpg]](http://img198.imageshack.us/img198/5278/45wens.jpg)
Now You want to locate the last bulletin point it usually says file. I'll show you in the picture bellow.
![[Image: bqx5b4.jpg]](http://img267.imageshack.us/img267/50/bqx5b4.jpg)
Now here's where the acutely exploitation takes place, you want to locate up to the url area ex.(http://sitename.net/Providers/HtmlEditorProviders) and type this simple code and click enter(code located bellow)
Now You should see browse as in the picture bellow. . .
![[Image: 8uvxcq.jpg]](http://img706.imageshack.us/img706/9185/8uvxcq.jpg)
After that you just click choose file/browse and upload your shell. You can locate your shell on the website and deface it at (http://sitename/portals/0/YourShellname)
To Start this we are going to use a google dork located bellow so just put it in google and search, and just click any link most of them are vuln.
Code:
inurl:/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
Okay I found a Vuln link when you find yours it should open up and look like the picture bellow.
![[Image: 45wens.jpg]](http://img198.imageshack.us/img198/5278/45wens.jpg)
Now You want to locate the last bulletin point it usually says file. I'll show you in the picture bellow.
![[Image: bqx5b4.jpg]](http://img267.imageshack.us/img267/50/bqx5b4.jpg)
Now here's where the acutely exploitation takes place, you want to locate up to the url area ex.(http://sitename.net/Providers/HtmlEditorProviders) and type this simple code and click enter(code located bellow)
Code:
javascript:__doPostBack('ctlURL$cmdUpload','')
![[Image: 8uvxcq.jpg]](http://img706.imageshack.us/img706/9185/8uvxcq.jpg)
After that you just click choose file/browse and upload your shell. You can locate your shell on the website and deface it at (http://sitename/portals/0/YourShellname)
You did the a great work writing and revealing the hidden beneficial features of Tech news
ReplyDeleteUsually I never comment on blogs but your article is so convincing that I never stop myself to say something about it. You’re doing a great job Man, I like it..Top Tech Sites..Keep it Up!Keep it up.
ReplyDelete