FCKeditor: creating a folder and uploading a file when "." is changed to "_" - bypass - vulnerability warning - the black bar safety net

ID MYHACK58:62201233638
Type myhack58
Reporter 佚名
Modified 2012-04-12T00:00:00


Some tips that are sometimes quite useful, collected from around the Internet......

FCKeditor file upload: bypassing the replacement of "." with "_" (underscore):

This has been published online:

Often an uploaded file such as shell.php.rar or shell.php;.jpg becomes shell_php;.jpg. This is the change in the new version of FCKeditor; try uploading 1.asp;jpg.

Submitting shell.php followed by a space gets around it, but the trailing space only works on Windows; on *nix it is not supported, because shell.php and shell.php plus a space are two different files there. Not tested.

Uploading the same file again turns the name into a variant such as shell.php;(1).jpg. You can also create a new folder: only the first level of the directory is checked, so jumping to a second-level directory is not restricted.

Breakthrough via folder creation:

editor/FCKeditor/editor/filemanager/connectors/asp/connector.asp?Command=CreateFolder&Type=Image&CurrentFolder=/qing.asp&NewFolderName=x.asp

Current directory name: CurrentFolder=/qing.asp

New directory name: NewFolderName=x.asp

It is actually very simple: in the current directory, click "New Folder" and in the pop-up dialog box just write x.asp......

The x.asp directory then gets created; this approach works every time!

Creating a new folder with the parameter x.asp basically gets you there.
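From the defender's side, the two weaknesses described above are a file-name filter that rewrites "." to "_" but leaves ";" and trailing spaces alone (IIS 6 stops parsing a name at ";", so shell_php;.jpg is still served under the leading part), and a folder check that only inspects the first path segment (IIS 6 also executes files inside a directory named x.asp as ASP). The following Python is an added example, not code from the page or from FCKeditor: a constructed allowlist-style validator for upload names, for new folder names and for every segment of CurrentFolder. The extension lists and the SAFE_SEGMENT pattern are assumptions for the example.

```python
import re

# Constructed lists for this example. A real connector would key the
# allowlist off its resource type (Image, File, ...) rather than hard-code it.
DANGEROUS_EXTENSIONS = {"asp", "aspx", "asa", "cer", "cdx", "php", "php3", "phtml", "jsp"}
ALLOWED_IMAGE_EXTENSIONS = {"jpg", "jpeg", "png", "gif"}

# One conservative path segment: letters, digits, '_' and '-' only.
# No dots, so '..' and 'x.asp' can never match; no ';' or whitespace either.
SAFE_SEGMENT = re.compile(r"^[A-Za-z0-9_-]+$")


def tokens(name: str) -> list:
    """Split on every character IIS/PHP may treat as an extension delimiter or
    terminator, so 'shell.php;.jpg' yields ['shell', 'php', '', 'jpg']."""
    return re.split(r"[.;\s]", name)


def is_dangerous_name(name: str) -> bool:
    """True if ANY token of the name is a server-side extension, which is
    what the '.' -> '_' rewrite misses for names containing ';' or spaces."""
    return any(t.lower() in DANGEROUS_EXTENSIONS for t in tokens(name))


def sanitize_upload_name(name: str):
    """Return the name to store, or None if the upload must be rejected.
    Rather than rewriting suspicious characters, reject anything that is not
    '<safe base>.<allowed extension>'."""
    base, dot, ext = name.rpartition(".")
    if not dot or ext.lower() not in ALLOWED_IMAGE_EXTENSIONS:
        return None              # 'shell.php.rar', '1.asp;jpg', 'shell.php '
    if is_dangerous_name(name):
        return None              # 'shell.php;.jpg', 'shell.asp.jpg'
    if not SAFE_SEGMENT.match(base):
        return None              # 'shell_php;.jpg' (';' survives the rewrite)
    return f"{base}.{ext.lower()}"


def validate_folder_name(name: str) -> bool:
    """A new folder must be a single safe segment; 'x.asp' is refused."""
    return bool(SAFE_SEGMENT.match(name))


def validate_current_folder(path: str) -> bool:
    """Check EVERY segment of CurrentFolder, not only the first, so
    '/qing.asp' and '/images/qing.asp' fail while '/images/2012' passes."""
    if not path.startswith("/"):
        return False
    segments = [s for s in path.split("/") if s != ""]
    return all(SAFE_SEGMENT.match(s) for s in segments)


if __name__ == "__main__":
    # Constructed sample inputs drawn from the names discussed above.
    for candidate in ["photo.jpg", "shell.php;.jpg", "shell_php;.jpg", "1.asp;jpg",
                      "shell.php ", "shell.php.rar"]:
        print(f"upload {candidate!r:20} -> {sanitize_upload_name(candidate)!r}")
    for folder in ["images2012", "x.asp"]:
        print(f"new folder {folder!r:12} -> {validate_folder_name(folder)}")
    for current in ["/images/2012", "/qing.asp", "/images/qing.asp", "/../etc"]:
        print(f"current {current!r:20} -> {validate_current_folder(current)}")
```

The design choice here is allowlisting whole names instead of rewriting individual characters: any rewrite (such as "." to "_") has to enumerate every delimiter the web server might honour, while an allowlist only has to describe the one shape a legitimate image name can take. Applying the same segment rule to the directory path closes the second-level-directory gap without needing a separate traversal check.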