SOOP Portal Raven 1.0b Remote Upload Shell Vulnerability

vendor:

Portal Raven

by:

Sun Army

7,5

CVSS

HIGH

Remote Upload Shell Vulnerability

N/A

CWE

Product Name: Portal Raven

Affected Version From: Raven 1.0b

Affected Version To: Raven 1.0b

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Win 2003

2010

SOOP Portal Raven 1.0b Remote Upload Shell Vulnerability

Register on the site, rename the shell to .asp.jpg, go to http://site/forum/register.asp?fpn=2, browse and upload the shell, and view the shell address in the text box.

Mitigation:

Ensure that the web application is configured to only allow the upload of files with the appropriate file extensions.

Source

Exploit-DB raw data:

# Exploit Title: SOOP Portal Raven 1.0b Remote Upload Shell Vulnerability
# Google Dork: "Powered by SOOP Portal Raven 1.0b"
# Date: 06-12-2010
# Author: Sun Army
# Version: Raven 1.0b
# Tested on: Win 2003



##################### Exploit ###################
#      
#    1.Register On Site
#  
#     2.Shell Renamed to .asp.jpg  ( shell.asp.jpg  )
#
#     3.Go This Page  --> http://site/forum/register.asp?fpn=2 
#
#     4. Brows And Upload SHell
#
#      5. go http://site/forum/register.asp?fpn=2    --> List Avatars  --> Your 
Personal 
#            Avatar  --> select your Shell and View shell Address in text box
#
#    
#      Google Dork :   ""Powered by SOOP Portal Raven 1.0b"
#
################################################

#  Reported By Turk_Server

#   Team
#   MagicCoder,Plus,Mehdy007,BodyGuard,Nitrojen26,The-Mostafa

#   KinG,Bl4ckl0rd,Turk_server

#   Special Thanks : Farzad_Ho,R3dMind,rAbiN_hoOd,Falcon