search
HomeBackend DevelopmentPHP TutorialKindEditor upload parsing vulnerability/list directory/content vulnerability_PHP tutorial
KindEditor upload parsing vulnerability/list directory/content vulnerability_PHP tutorialJul 13, 2016 pm 05:11 PM
kindeditorone timesuperioruploadintroduceaboutcontentarticleloopholesTable of contentsparse

This article will introduce to you the analysis of KindEditor upload parsing vulnerability/listing/content vulnerability. Friends in need can quickly make up for it.

Kindeditor vulnerability: editing code content is executed

Kindeditor vulnerability description: There is no problem when adding kindeditor editing code to the database, that is, some HTML codes will not be executed, for example: web programming, like this The code was not executed when first edited. However, a problem arises when it is taken out from the database and put into kindeditor for modification. This line of HTML code is executed, and the result is this: web programming becomes a hyperlink.

Solution: Take a look at the picture below
Kindeditor漏洞 编辑代码内容被执行


This picture is the backend code file of this website. I replaced the "&" in the content taken out from the database with the entity "&". Then you can retrieve and modify the previously inserted code, and it will display normally.

Special note: I used PHP language to modify the above picture. The idea of ​​other server-side scripting languages ​​is the same and can be replaced.


KindEditor upload parsing vulnerability

Affected versions:

Exploit: Use Windows 2003 IIS parsing vulnerability to get WEBSHELL


KindEditor list directory vulnerability

Test version: KindEditor 3.4.2 KindEditor 3.5.5

1.1.http://netknight.in/67cms/kindeditor/php/file_manager_json.php?path=/
2. //path=/, the absolute path D:AppServwww67cmskindeditorphpfile_manager_json.php
3. 2.http://netknight.in/67cms/kindeditor/php/file_manager_json.php?path=AppServ/www/67cms/
4. //According to the exposed absolute path, modify the path value to AppServ/www/67cms/
5. At this time, all files and file names under d:/AppServ/www/67cms/ will be traversed


Upload modifications to exploit shell vulnerabilities

Affected versions:
KindEditor 3.5.2~4.1

Exploit:
Open the editor, rename the sentence to 1.jpg and upload the image,
Open file management, enter the "down" directory, jump to the last page, the last picture is a sentence we uploaded
Click to change name

Click to change name



Open the inspect element in Google Chrome



Find the form




Modify "jpg" to "asp"



Change the name to 1 Save

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/629616.htmlTechArticleThis article will introduce to you about KindEditor upload parsing vulnerability/listing/content vulnerability analysis, friends in need Make it up quickly. Kindeditor vulnerability: editing code content is executed...
Statement
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
如何在FastAPI中实现文件上传和处理如何在FastAPI中实现文件上传和处理Jul 28, 2023 pm 03:01 PM

如何在FastAPI中实现文件上传和处理FastAPI是一个现代化的高性能Web框架,简单易用且功能强大,它提供了原生支持文件上传和处理的功能。在本文中,我们将学习如何在FastAPI框架中实现文件上传和处理的功能,并提供代码示例来说明具体的实现步骤。首先,我们需要导入需要的库和模块:fromfastapiimportFastAPI,UploadF

电脑怎么拍照上传电脑怎么拍照上传Jan 16, 2024 am 10:45 AM

电脑只要安装了摄像头就可以进行拍照,但是有些用户还不知道该怎么拍照上传,现在就给大家具体介绍一下电脑拍照的方法,这样用户得到图片之后想上传到哪里都可以了。电脑怎么拍照上传一、Mac电脑1、打开访达,再点击左边的应用程序。2、打开后点击相机应用。3、点击下方的拍照按钮就可以了。二、Windows电脑1、打开下方搜索框,输入相机。2、接着打开搜索到的应用。3、再点击旁边的拍照按钮就可以了。

酷狗上传自己的音乐的简单步骤酷狗上传自己的音乐的简单步骤Mar 25, 2024 pm 10:56 PM

1、打开酷狗音乐,点击个人头像。2、点击右上角设置的图标。3、点击【上传音乐作品】。4、点击【上传作品】。5、选择歌曲,然后点击【下一步】。6、最后点击【上传】即可。

如何在QQ音乐上传歌词如何在QQ音乐上传歌词Feb 23, 2024 pm 11:45 PM

随着数字化时代的到来,音乐平台成为人们获取音乐的主要途径之一。然而,有时候我们在听歌的时候,发现没有歌词是一件十分困扰的事情。很多人都希望在听歌的时候能够显示歌词,以便更好地理解歌曲的内容和情感。而QQ音乐作为国内最大的音乐平台之一,也为用户提供了上传歌词的功能,使得用户可以更好地享受音乐的同时,感受到歌曲的内涵。下面将介绍一下在QQ音乐上如何上传歌词。首先

Win10电脑上传速度慢怎么解决Win10电脑上传速度慢怎么解决Jul 01, 2023 am 11:25 AM

  Win10电脑上传速度慢怎么解决?我们在使用电脑的时候可能会觉得自己电脑上传文件的速度非常的慢,那么这是什么情况呢?其实这是因为电脑默认的上传速度为20%,所以才导致上传速度非常慢,很多小伙伴不知道怎么详细操作,小编下面整理了win11格式化c盘操作步骤,如果你感兴趣的话,跟着小编一起往下看看吧!  Win10上传速度慢的解决方法  1、按下win+R调出运行,输入gpedit.msc,回车。  2、选择管理模板,点击网络--Qos数据包计划程序,双击限制可保留带宽。  3、选择已启用,将带

如何提升电脑上传速度如何提升电脑上传速度Jan 15, 2024 pm 06:51 PM

上传速度变得非常慢?相信这是很多朋友用电脑上传东西时候都会遇到的一个问题,在使用电脑传送文件的时候如果遇到网络不稳定,上传的速度就会很慢,那么应该怎么提高网络上传速度呢?下面,小编将电脑上传速度慢的处理方法告诉大家。说到网络速度,我们都知道打开网页的速度,下载速度,其实还有一个上传速度也非常关键,特别是一些用户经常需要上传文件到网盘的,那么上传速度快无疑会给你省下不少时间,那么上传速度慢怎么办?下面,小编给大伙带来了电脑上传速度慢的处理图文。电脑上传速度慢怎么解决点击“开始--运行”或者“窗口键

如何通过PHP快手API接口,实现视频的播放和上传功能如何通过PHP快手API接口,实现视频的播放和上传功能Jul 21, 2023 pm 04:37 PM

如何通过PHP快手API接口,实现视频的播放和上传功能导语:随着社交媒体的兴起,大众对于视频内容的需求也逐渐增加。快手作为一款以短视频为主题的社交应用,受到了很多用户的喜爱。本文将介绍如何使用PHP编写代码,通过快手API接口实现视频的播放和上传功能。一、获取访问Token在使用快手API接口之前,首先需要获取访问Token。Token是访问API接口的身份

如何在Vue中实现头像上传功能如何在Vue中实现头像上传功能Nov 07, 2023 am 08:01 AM

Vue是一款流行的前端框架,可以用于构建交互性强的应用程序。在开发过程中,上传头像是常见的需求之一。因此,在本文中,我们将介绍如何在Vue中实现头像上传功能,并提供具体的代码示例。使用第三方库为了实现头像上传功能,我们可以使用第三方库,比如vue-upload-component。该库提供了一个上传组件,可以方便地集成到Vue应用程序中。下面是一个简单的示例

See all articles

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
2 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
Repo: How To Revive Teammates
4 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
Hello Kitty Island Adventure: How To Get Giant Seeds
4 weeks agoBy尊渡假赌尊渡假赌尊渡假赌

Hot Tools

PhpStorm Mac version

PhpStorm Mac version

The latest (2018.2.1) professional PHP integrated development tool

Dreamweaver Mac version

Dreamweaver Mac version

Visual web development tools

SecLists

SecLists

SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.

DVWA

DVWA

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software

MinGW - Minimalist GNU for Windows

MinGW - Minimalist GNU for Windows

This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.