Hacker, Researcher and Author.

Website Hacking with Dot net nuke exploit

In this tutorial I will tell you how hackers use a simple dot net nuke exploit to hack a website, Now the exploit I am talking about is found in hundreds and hundreds on DNN applications and it allows the hacker to upload an image on your server, This type of attack is also called one way Hacking and at the end of article I have also posted some countermeasures to help you defend your self against these kinds of attack

You might be interested in reading some related posts at RHA:
Note:The Purpose of this tutorial is not to excite hackers but to make your aware of how hackers can Hack your websites


Website Hacking with DNN attack

Google Dork

A google dork is an act of using google provided search terms to obtain a specific result and this DNN vulnerability occurs only in those websites which have "/portals/0" in their navigation, So goahead and search for inurl:”/portals/0″ where inurl asks the google to display all the url's who have /portals/0 in their navigation

1.Lets say the vulnerable website is:

 www.vulnerablewebsite.com/portals/0

2.Now we will just add Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx after the url so www.vulnerablewebsite.com/portals/0 will become www.vulnerablewebsite.com/portals/0Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx

3.Now a website is vulnerable to this type of attack you will get a similar windows like the below one:


4.Next enter the following Javascript in the address bar:
javascript:__doPostBack(‘ctlURL$cmdUpload’,”)

What this javascript will do is that it will enable us to upload our image to the server:


5.The hacker could upload any image on victims website.

Countermeasures

1.The easiest method is to rename your fcklinkgallery to some thing else but it will not prevent this attack, but you can protect it from script kiddie's in this way, A skilled hacker can easily find the renamed file by using some Footprinting methods

2.Another way to prevent this attack is to upgrade to IIS 7 or higher and a DNN version of 4.9.4 or higher

Feel free to ask if you have any kind of problem with any thing mentioned in this tutorial

8 comments:

  1. I tried it with few website but it returns an error:
    Server Error in '/' Application.

    The resource cannot be found.

    Description: HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable. Please review the following URL and make sure that it is spelled correctly.

    Requested URL: /portals/0/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx



    remember I tried different stuffs like moving the "/" etc...but all went in vain

    ReplyDelete
  2. Kindly comment with your real name next time, I believe there could be 2 reasons behind this error.
    1.The website is not vulnerable
    2.facklinkgallery.aspx has been renamed to some thing else

    ReplyDelete
  3. That was nice Rafay. This only works on MS server which is not updated to IIS 7, is that means all previous versions of IIS are vulnerable to this problem.

    ReplyDelete
  4. Hi it is really good article yar.. so i posted this article to my website

    https://sites.google.com/site/greateindiaclub/software-zones/hacking/hacking-updates/websitehackingwithdotnetnukeexploit

    Don't worry i added your name as author...

    Do well.. all the very best

    ReplyDelete
  5. http://www.therock.net.nz/Portals/0Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
    not working bro need help

    ReplyDelete

© 2016 All Rights Reserved by RHA Info Sec. Top

Contact Form

Name

Email *

Message *

Powered by Blogger.