Demo: Remote Code Execution in DotNetNuke 8.0.4 скачать в хорошем качестве

Demo: Remote Code Execution in DotNetNuke 8.0.4

We looked at around 300 DotNetNuke deployments in the wild and discovered that one in five installations was vulnerable to CVE-2017-9822. That includes governmental and banking websites. 🛡To help pentesters identify and report this issue and developers to prevent or fix it, we created this practical deep-dive into this Cookie Deserialization RCE vulnerability found in DotNetNuke (DNN). 🛠Learn how to find this issue in the wild by using Google dorks, determine the factors that indicate a DotNetNuke web app is vulnerable, go through hands-on examples, and much more! ⚙️Read the full technical walk-through by Cristian Cornea and learn how to attackers can achieve Remote Code Execution in DotNetNuke version 9.1.1 (CVE-2018-15811) ➡️https://pentest-tools.com/blog/exploi... ______________ 💡 See ALL OUR TOOLS: https://pentest-tools.com/alltools @ us on Twitter:   / pentesttoolscom   Join 46k+ offensive security specialists on LinkedIn:   / pentesttools   #PenetrationTesting #Pentesting #EthicalHacking #PentestToolsCom ______________ WHAT IS Pentest-Tools.com? Use the Pentest-Tools.com platform to quickly detect and report vulnerabilities in websites and network infrastructures! ✔ 20+ tightly integrated penetration testing and ethical hacking tools for easier, faster, and more effective engagements ✔ Built for pentesters, sysadmins, web devs, MSPs, business owners, and other professionals seeking to automate and save time ✔ Painless vulnerability management: add manual findings, change risk levels, delete obsolete targets, create and export customizable reports (complete with vulnerability information and remediation suggestions) ✔ Instant overview of all open ports, services, and running software from all your targets in a central, unified view (Attack Surface) ✔ Comprehensive scanning options: scheduled scans, robust API, internal network scanning through VPN agent, scan multiple targets at the same time ✔ Flexible subscription: choose monthly billing and you can cancel anytime. Alternatively, choose the yearly plan and get a 15% discount! "Pentest-Tools is great for streamlining any security engagement" - Tavis D., Security Engineering Manager "A superb toolbox, not the usual easy online toy" - Mauro G., DevOps Specialist “Pentest-Tools.com is the Swiss Army Knife of scanning tools” Mark D., Apple Certified Support Professional See how our customers use the platform: https://www.g2.com/products/pentest-t...