Hack Exploit Site Using DNN
DORK Use Google trying to find a vulnerable site.
inurl: "/ Portals / 0"
You can also modify the Google dork for your needs and requirements.
Two site is vulnerable to this attack:
n00bs can try both sites for testing.
Open the home page, and check for any image, which is located in / Portals / 0 /
Check the location of the image. It should be located in the / portals / 0 /
For example, if https://www.wittur.se .. the image is the location of https://www.wittur.se/Portals/0/SHM.jpg
This means that the site is vulnerable, and we can change the pick face. Now, the name of the current picture is SHM.jpg. Rename the new image that you want to download SHM.jpg proof that you own the system.
Now here is the exploitation of
Suppliers / HtmlEditorProviders / fck / fcklinkgallery.aspx
How it works
Just copy paste as below:
www.site.com / Suppliers / HtmlEditorProviders / fck / fcklinkgallery.aspx
You will see the door where you will be prompted to download. Select File-thirds (a file on your site
After choosing the third option, to replace the address bar below the script
After running this script from Java, you will see the file upload option selected. Then select the image file has been renamed SHM.jpg and download it here. Go to the home page and refresh. you have hacked the site.