# Exploit Title: SOOP Portal Raven 1.0b Remote Upload Shell Vulnerability # Google Dork: "Powered by SOOP Portal Raven 1.0b" # Date: 06-12-2010 # Author: Sun Army # Version: Raven 1.0b # Tested on: Win 2003 ##################### Exploit ################### # # 1.Register On Site # # 2.Shell Renamed to .asp.jpg ( shell.asp.jpg ) # # 3.Go This Page --> http://site/forum/register.asp?fpn=2 # # 4. Brows And Upload SHell # # 5. go http://site/forum/register.asp?fpn=2 --> List Avatars --> Your Personal # Avatar --> select your Shell and View shell Address in text box # # # Google Dork : ""Powered by SOOP Portal Raven 1.0b" # ################################################ # Reported By Turk_Server # Team # MagicCoder,Plus,Mehdy007,BodyGuard,Nitrojen26,The-Mostafa # KinG,Bl4ckl0rd,Turk_server # Special Thanks : Farzad_Ho,R3dMind,rAbiN_hoOd,Falcon