WEBSITE HACKING WITH DOT NET NUKE EXPLOIT
A Google dork is the use of Google's search operators to obtain a specific result. This DNN vulnerability occurs only in websites that have "/portals/0" in their URL, so go ahead and search for inurl:"/portals/0", where inurl asks Google to display all the URLs that have /portals/0 in them.
1. Let's say the vulnerable website is:
www.vulnerablewebsite.com/portals/0
2. Now we will just add Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx after the URL, so http://www.vulnerablewebsite.com/portals/0 will become http://www.vulnerablewebsite.com/portals/0Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
3. If a website is vulnerable to this type of attack, you will get a window similar to the one below:
javascript:__doPostBack('ctlURL$cmdUpload','')
This JavaScript enables us to upload our image to the server:
Countermeasures
1. The easiest method is to rename your fcklinkgallery to something else. This will not prevent the attack, but it will protect you from script kiddies; a skilled hacker can easily find the renamed file by using some footprinting methods.
2. Another way to prevent this attack is to upgrade to IIS 7 or higher and a DNN version of 4.9.4 or higher.
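Until the upgrade is done, site owners can check whether the page named above is being requested. The following is an added example, not part of the original article: it scans IIS W3C-format logs for requests to fcklinkgallery.aspx and marks successful POSTs for priority review. The log lines are constructed sample data, and the function name and severity labels are assumptions made for this illustration.

```python
import io
from urllib.parse import unquote

# Path from the article; IIS matches paths case-insensitively.
TARGET = "/providers/htmleditorproviders/fck/fcklinkgallery.aspx"

# Constructed sample in IIS W3C extended format (documentation IPs, not real traffic).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 7.5
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2024-01-10 09:14:02 198.51.100.7 GET /Default.aspx - 200
2024-01-10 09:15:40 203.0.113.25 GET /Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx - 200
2024-01-10 09:16:05 203.0.113.25 POST /providers/htmleditorproviders/fck/FckLinkGallery.aspx - 200
2024-01-10 09:20:11 192.0.2.44 GET /Providers/HtmlEditorProviders/Fck/fcklinkgallery%2Easpx - 404
"""

def find_gallery_requests(lines):
    """Return one dict per logged request for the link gallery page."""
    fields, hits = [], []
    for raw in lines:
        line = raw.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]      # column order can change mid-file
            continue
        if not line or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        # Decode and lowercase so encoded or mixed-case variants still match.
        stem = unquote(row.get("cs-uri-stem", "")).lower()
        if not stem.endswith(TARGET):
            continue
        status = row.get("sc-status", "")
        # A POST answered with 2xx means the page processed a form submission
        # (for example an upload); a GET alone is only a probe.
        posted = row.get("cs-method") == "POST" and status.startswith("2")
        hits.append({
            "when": f"{row.get('date', '')} {row.get('time', '')}".strip(),
            "client": row.get("c-ip", ""),
            "method": row.get("cs-method", ""),
            "status": status,
            "severity": "high" if posted else "review",
        })
    return hits

if __name__ == "__main__":
    for hit in find_gallery_requests(io.StringIO(SAMPLE_LOG)):
        print(hit)
```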
LEARN WEBSITE HACKING AND SECURITY WITH DVWA TOOLS
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. DVWA allows you to learn and practice web application attacks in a safe environment. Its latest version is DVWA 1.7.
Vulnerabilities
- SQL Injection
- XSS (Cross Site Scripting)
- LFI (Local File Inclusion)
- RFI (Remote File Inclusion)
- Command Execution
- Upload Script
- Login Brute Force
- Blind SQL Injection
And much more.
Official warning
It should come as no shock... but this application is damn vulnerable! Do not upload it to your hosting provider's public html folder or any working web server as it will be hacked. It's recommended that you download and install XAMPP onto a local machine inside your LAN which is used solely for testing.