======================================================================
                  SMF Forum Exploit (every Version)
======================================================================

Author: mas_bloon
Status: patch not available yet
Works on: By default, admins always disable the "encrypt filenames" option

------------------------------
Affected software description:
------------------------------

Application: SMF
Version: Every Version
Vendor: www.simplemachines.org

--------------
Vulnerability:
--------------

SMF failed to interpret the ZIP archive

-------------
Exploit:
-------------

1. Get any PHP shell file and rename it to a .zip file
2. Example: rename the shell r57.php to r57.php.zip
3. Upload it to the SMF forum as an attachment
4. Lastly, the "shell" can be found at http://[target]/[path]/attachments/r57.php.zip

Enjoy
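
Added example (not part of the original advisory and not SMF code): an audit for an attachments directory that flags the pattern described above, a file named .zip whose content is not a ZIP archive or whose name carries a script extension in any position. The extension list, the finding names and the sample files are assumptions constructed for this example.

```python
import io
import zipfile
from pathlib import Path

# Assumed list of extensions a PHP-enabled web server may hand to an interpreter.
SCRIPT_EXTS = {"php", "php3", "php4", "php5", "phtml", "phar"}
ZIP_MAGIC = (b"PK\x03\x04", b"PK\x05\x06")  # local file header / empty archive


def audit_attachment(name: str, data: bytes) -> list[str]:
    """Return the findings for one uploaded file (empty list means clean)."""
    findings = []
    parts = name.lower().split(".")[1:]  # every extension, not only the last one
    if any(p in SCRIPT_EXTS for p in parts):
        findings.append("script-extension-in-name")
    if parts and parts[-1] == "zip":
        is_zip = data.startswith(ZIP_MAGIC) and zipfile.is_zipfile(io.BytesIO(data))
        if not is_zip:
            findings.append("zip-name-but-not-zip-content")
    if data.lstrip()[:5].lower() == b"<?php":
        findings.append("php-open-tag-at-start")
    return findings


def audit_directory(root: str) -> dict[str, list[str]]:
    """Audit every regular file under an attachments directory."""
    report = {}
    for path in Path(root).rglob("*"):
        if path.is_file():
            found = audit_attachment(path.name, path.read_bytes())
            if found:
                report[str(path)] = found
    return report


def _constructed_samples() -> dict[str, bytes]:
    """Constructed inputs: one real archive and one text file renamed to .zip."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("notes.txt", "hello")
    return {
        "holiday-photos.zip": buf.getvalue(),
        "r57.php.zip": b"<?php /* constructed placeholder body */ ?>",
    }


if __name__ == "__main__":
    for fname, body in _constructed_samples().items():
        print(fname, audit_attachment(fname, body) or "ok")
```

Run `audit_directory` against the forum's attachments path from a scheduled job, and apply `audit_attachment` at upload time so a mismatched file is rejected before it is stored.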