hello,everyone.
help me,please.
i have found vulnerability in asp.net web server.
i can login with admin account and then upload web shell using the vulnerability.
but i have a question.
i wanna automate the attack process as c# code.
poc code make of c# and it take that login with admin account and password in vul server and then get cookie authenticated.
then attacker upload shell in web root with authenticated cookie.
there is a problem.
i wanna simulate login process with c# code. but i cannot call "LoginButtonClick" function in the server side asp.net with the poc c# code.
===========login.cs========server code
...
Page_Load(...)
{
...
}
LoginButtonClicked(...)
{
...
}
...
==========================
==========attacker.cs=======client code
...
mHttp.Login(admin,password);
...
============================
mHttp.Login of attacker.cs -> LoginButtonClicked of login.cs
How can i make that ?
help me,please.
i have found vulnerability in asp.net web server.
i can login with admin account and then upload web shell using the vulnerability.
but i have a question.
i wanna automate the attack process as c# code.
poc code make of c# and it take that login with admin account and password in vul server and then get cookie authenticated.
then attacker upload shell in web root with authenticated cookie.
there is a problem.
i wanna simulate login process with c# code. but i cannot call "LoginButtonClick" function in the server side asp.net with the poc c# code.
===========login.cs========server code
...
Page_Load(...)
{
...
}
LoginButtonClicked(...)
{
...
}
...
==========================
==========attacker.cs=======client code
...
mHttp.Login(admin,password);
...
============================
mHttp.Login of attacker.cs -> LoginButtonClicked of login.cs
How can i make that ?
