Patching the CKFinder editor file-parsing vulnerability (web security)

Time: 2013-04-05 01:38:49
染雾

This kind of vulnerability is everywhere, and naturally a program we use is no exception. I'll mention in passing that I'm a PHP illiterate; people only learn when they are forced to.

What we need to do is comment out folder renaming, file renaming and folder creation. It's simple; just look at the code.

All of these functions were identified by capturing the requests, then locating the matching code in the files and commenting it out. I give them below.

Of course the directory won't necessarily be at this path; locate the files according to your own installation.
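An alternative to editing the connector source, added here as an example and not part of the original post: CKFinder's config.php carries an AccessControl block whose boolean flags the command handlers consult before acting, so the same three operations can be switched off with configuration alone and the change survives an upgrade of the connector. The key names below are as I recall them from the CKFinder 1.x/2.x PHP config.php; check them against the config.php shipped with the version you run.

```php
<?php
// Added example: CKFinder config.php AccessControl entry (key names as recalled
// from CKFinder 1.x/2.x; verify against your own config.php). The shipped
// default sets every flag to true; the three flags below are turned off so the
// CreateFolder, RenameFolder and RenameFile commands are refused by the
// connector's ACL check instead of by commenting out handler code.
$config['AccessControl'][] = Array(
    'role'         => '*',
    'resourceType' => '*',
    'folder'       => '/',

    'folderView'   => true,
    'folderCreate' => false,   // default true: disables creating folders
    'folderRename' => false,   // default true: disables renaming folders
    'folderDelete' => true,

    'fileView'     => true,
    'fileUpload'   => true,
    'fileRename'   => false,   // default true: disables renaming files
    'fileDelete'   => true);
```

After changing the configuration, issue one of the three commands from the editor and confirm the connector answers with an unauthorized error; if it does not, the version in use reads the flags differently and the source-level approach in the steps below still applies.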

0x1 Comment out folder creation

ckfinder\core\connector\php\php4\CommandHandler\CreateFolder.php

ckfinder\core\connector\php\php5\CommandHandler\CreateFolder.php

    /* Disable creating new folders
    $sNewFolderName = isset($_GET["NewFolderName"]) ? $_GET["NewFolderName"] : "";
    $sNewFolderName = CKFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding($sNewFolderName);
    if ($_config->forceAscii()) {
        $sNewFolderName = CKFinder_Connector_Utils_FileSystem::convertToAscii($sNewFolderName);
    }
    if (!CKFinder_Connector_Utils_FileSystem::checkFileName($sNewFolderName) || $_resourceTypeConfig->checkIsHiddenFolder($sNewFolderName)) {
        $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_INVALID_NAME);
    }
    */

0x2 Comment out file renaming

ckfinder\core\connector\php\php4\CommandHandler\RenameFile.php

ckfinder\core\connector\php\php5\CommandHandler\RenameFile.php

    /* Disable renaming files
    if (!isset($_GET["newFileName"])) {
        $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_INVALID_NAME);
    }
    */

0x3 Comment out folder renaming

ckfinder\core\connector\php\php4\CommandHandler\RenameFolder.php

ckfinder\core\connector\php\php5\CommandHandler\RenameFolder.php

    /* Disable renaming folders
    if (!isset($_GET["NewFolderName"])) {
        $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_INVALID_NAME);
    }
    $newFolderName = CKFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding($_GET["NewFolderName"]);
    $_config =& CKFinder_Connector_Core_Factory::getInstance("Core_Config");
    if ($_config->forceAscii()) {
        $newFolderName = CKFinder_Connector_Utils_FileSystem::convertToAscii($newFolderName);
    }
    $resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig();
    if (!CKFinder_Connector_Utils_FileSystem::checkFileName($newFolderName) || $resourceTypeInfo->checkIsHiddenFolder($newFolderName)) {
        $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_INVALID_NAME);
    }
    */
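The handlers above take the name from the request, convert its encoding and run checkFileName, which only screens out characters the file system itself refuses. The root of a parsing vulnerability is that a folder or file name carrying an extra extension (a folder named like x.asp, or a file named like a.asp;.jpg) makes some web servers, IIS 6 being the classic case, treat content under it as script. Below is an added example of a stricter name policy; it is a hypothetical helper of my own, not CKFinder's checkFileName, and it can be called from a handler in place of the commented-out blocks or run on its own against the constructed names at the bottom. Folder names may contain only letters, digits, underscore and hyphen; file names get exactly one extension, taken from an allow-list of non-executable types.

```php
<?php
// Added example: a strict name policy for folders and files managed through
// the CKFinder connector. Hypothetical helper, not part of CKFinder.

function isSafeFolderName($name)
{
    // No dots at all, so a folder can never look like "x.asp" or "x.php".
    // The character class also excludes semicolons, path separators,
    // whitespace and control characters; empty and over-long names fail too.
    return is_string($name)
        && $name !== ''
        && strlen($name) <= 64
        && preg_match('/^[A-Za-z0-9_-]+$/', $name) === 1;
}

function isSafeFileName($name, array $allowedExtensions = array('jpg', 'jpeg', 'png', 'gif', 'pdf', 'txt'))
{
    if (!is_string($name) || $name === '' || strlen($name) > 128) {
        return false;
    }
    // Exactly one dot: "photo.jpg" passes; "shell.php.jpg" and "a.asp;.jpg"
    // fail because splitting on "." yields more than two parts.
    $parts = explode('.', $name);
    if (count($parts) !== 2) {
        return false;
    }
    list($base, $ext) = $parts;
    return preg_match('/^[A-Za-z0-9_-]+$/', $base) === 1
        && in_array(strtolower($ext), $allowedExtensions, true);
}

// Constructed inputs for a self-check; these names are not from the original post.
$folderCases = array(
    'images'   => true,
    'my-dir_2' => true,
    'x.asp'    => false,
    'a;b'      => false,
    '../up'    => false,
    "nul\0"    => false,
    ''         => false,
);
foreach ($folderCases as $name => $expected) {
    if (isSafeFolderName($name) !== $expected) {
        throw new RuntimeException("folder check failed for " . var_export($name, true));
    }
}

$fileCases = array(
    'photo.jpg'     => true,
    'doc.PDF'       => true,
    'shell.php'     => false,
    'shell.php.jpg' => false,
    'a.asp;.jpg'    => false,
    'noext'         => false,
);
foreach ($fileCases as $name => $expected) {
    if (isSafeFileName($name) !== $expected) {
        throw new RuntimeException("file check failed for " . var_export($name, true));
    }
}
echo "all name checks passed\n";
```

Wired into CreateFolder.php and RenameFolder.php this replaces the commented-out validation rather than deleting it, so the editor keeps working for legitimate names while the names that trigger the parsing behaviour are refused with CKFINDER_CONNECTOR_ERROR_INVALID_NAME before anything touches the file system.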
