Archive for Feb 9, 2014

Hacking DNN Based Web Sites



Hacking DNN Based Web Sites

Hacking DNN Based Web Sites


Hacking DNN (Dot Net Nuke) CMS based websites is based on the Security Loop Hole in the CMS. For using that exploit we will see the few mentioned points which illustrates us on how to hack any live site based on Dot Net Nuke CMS.

Vulnerability : This is the know Vulnerability in Dot Net Nuke (DNN) CMS. This allows aone user to Upload a File/Shell Remotely to hack that Site which is running on Dot Net Nuke CMS. The Link's for more Information regarding this Vulnerability is mentioned below -
                                http://www.exploit-db.com/exploits/12700/

Getting Started : Here we will use the Google Dork to trace the sites that are using DNN (Dot Net Nuke) CMS and are vulnerable to Remote File Upload.

How To Do It : Here, I an mentioning the few points on how to Search for the existing Vulnerability in DNN.



Let's Begin with the Tutorial...

Step 1. Go To http://www.google.com

Step 2. Now Enter this Dork -  :inurl:/tabid/36/language/en-US/Default.aspx

Now you will see the following as mentioned in the below Image -


The above Dork is used for tracing the sites running on the Dot Net Nuke CMS and will provide us the URL which are Vulnerable and which can be manipulated further to Upload Files Remotely.