|Call Sahil Baghla for Seminar, Workshop & Guest Lecture|
Subscribe & Don't Miss A Free Ethical Hacking Course
Hi Friends, I am back on track after many days. I will be updating EthicalHacking1.com with new articles everyday.
There are many method by which website are being hacked. Today we will discuss about Dot Net Nuke Hacking.
It is explained here for education purpose. Don’t misuse it to create chaos.
What is DNN ?
DotNetNuke is the leading open source ASP.NET content management system and .NET web application development framework.
How it can be hacked ?
It can be hacked due to upload vulnerability in its coding. Still no of websites are not updated so still this vulnerability is present.
Go to http://www.google.com
Enter any one Google dork to find the vulnerable website.
Now you are able to find any sites, select any random site
For example take this site as
Replace /Home/tabid/36/Language/en-US/Default.aspx with
You are able to get a link gallery page as this page
If you are not to get page like this then try for other websites.
As you get this page don’t do anything wait for the next step
Select file option on the page and then do the next step
Here you go now you are able to upload shell on this website. Remember one important thing this is .aspx website. So you are only able to asp shell.
Some asp shell works on some sites. I am giving link to some asp shells, still if you are able to find any good asp shell from google then provide link on comments too.
Click Here to download Asp shell.
Password for the file is www.ethicalhacking1.com
How to upload shell on this website ?
Uploading a shell file as example as hackinshell.asp is not possible we will upload it as hackingshell.asp;.jpg by changing it extension as
Example hackinshell.asp is changed as hackinshell.asp;.jpg
Now let show you uploading shell to deface this website.
Step 1. Click Browse button and upload the shell.
Step 2. After you upload the shell or any text file , it goes as
and when you try to open above url shell will open as
You are able to perform anything on the vulnerable website.
Eyes Get Opened about Dot Net Nuke Website Vunerability
Will write next tutorial about securing DNN website. So that if you can secure your DNN website then noone can hack it.
Sahil Baghla (Cyber Security Guru)
CEO | President