Fckeditor hacked a certain website

test · Posted on 4/13/2015 11:01:34 AM

A vulnerability in the Fckeditor editor has been detected on a certain site. OK, let's go straight to the tool.

You can see directories, create folders, and upload files.

The server is IIS6, upload a sentence, xx.asp; 1.gif, but what I got after uploading is like this.

After the visit, I was intercepted by the security dog, thinking that I had been killed, so I found a safety dog and uploaded it, and it was still the same. After careful analysis, it was a problem with the incoming parameters, so a xx.asp.jpg horse was uploaded, and it was successfully uploaded.

The kitchen knife is directly connected and taken down.

whoami · Posted on 4/13/2015 9:34:10 PM

It is quite convenient to include a dog

whoami · Posted on 4/13/2015 9:35:28 PM

1.asp; Wheel, wheelThe .jpg is a

test · Posted on 4/13/2015 10:34:04 PM

whoami posted on 2015-4-13 21:35
1.asp; The yoke is the same as the yoke ...

What are you going to do?"

I know you haven't hinted at me · Posted on 4/14/2015 7:59:53 PM

I can't understand

[Safe Communication] Fckeditor hacked a certain website

Related Posts

Sections viewed