• Google hackers ka best friend hai to isi ki madad li jiye DNN ka dork google main daliye DNN ka dork yeh hai
inurl:”/portals/0? site:.com
• Dork main last per jahan .com likha hai is ko ap apni marzi se change kar sakte hai jese bd ph ae jo bhi Domain name ho is main likhen.
• Ab search karen . kafi sites aayen gi ab ap ko unki vulnerability check karni hai
• Us ka tariqa yeh hai ke jo bhi website ap ne check karni ho to us web adress ke baad yeh code paste kar den Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
• For Example ap ne aisi site li hai www.victom.com ab is site ke aagey yeh code paste kar den Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
•jub ap yeh code paste karen gen to yeh site kuch aisi ban jaye gi www.victim.com/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx now enter.
• Ab Agar aisi screen aaye to aisa samjhen site hac ho chuki hai agar aisi scrren na aaye to koi or site pick karen.
• Is screen ka ap ne tesra (third) option Choose karna hai yeh wala “A File On Your Site”
•yeh choose kar ke address bar main yeh java code paste kar den
javascript:__doPostBack(‘ctlURL$cmdUpload’,”)
• Is java code main kuch aisi coding hai ke yeh ap ko ijazat de de ga ke is site per ap apni marzi ki koi bhi file upload kar den For Example is tarah ki text ~ swf ~ jpg ~ gif ~ pdf ~ Files.
• UpLoading ke baad ap ki files hack ki hui web ka address kuch is tarah se ban jaye ga
www.victim.com/portals/0/yourfile.extension
extension se murad .exe .gif fla fla .
• In our case
www.victim.com/portals/0/b.txt
HaPpY HaCkinG.
No comments:
Post a Comment