Claroline 1.8.9 is an upgraded version of Claroline 1.8.8.
It mainly adds the Chinese and other language files provided on this site,
fixes some security issues, adds a delete function for forum posts, and fixes interrupted exercise output and assignment downloads.
That is the official statement, but the security problems in the backend are serious.
First, the installation page (www.2cto.com/claroline/claroline/install/) is not removed by default.
Once in the backend, the editor can upload files; a .php upload is automatically renamed to .phps.
Other files, such as .jsp, can only be uploaded if an image file header is prepended, and some scripts break when a header is prepended to them.
However, the program also has a fatal flaw: create a course on the homepage of the teaching space and click the course to enter it.
Under Course exercise, files can be uploaded at will. Although a .php file is still renamed to .phps after upload, other files are not checked for a file header at all!
Another vulnerability is in the learning path. This module accepts a zip package: put a jsp shell inside, compress it into a zip, and upload it.
After the file is uploaded, the program automatically decompresses it.
The uploaded files land under /courses/<the course directory you created>/document/,
Like http://www.bkjia.com/courses/EN/d... 090819208186474.jsp
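The three upload paths described above (editor upload with the image-header check, course-exercise upload with no check, and the learning-path zip import) are easy to model, and the model makes clear why none of them stops a jsp shell. The block below is an added example written for this page, not Claroline's own code: it reproduces each check as described, then gives a hardened counterpart that allowlists extensions, ties the magic bytes to the extension, regenerates the stored name, and refuses any archive with a disallowed or path-escaping entry. The magic-byte table, the allowlist, the /courses/EN/document destination and the sample archive are assumptions, and the path-traversal check goes beyond what the text discusses.

```python
"""Added example, not Claroline's own code: a model of the upload checks
described above (editor upload, course-exercise upload, learning-path zip
import) beside a hardened counterpart.  The magic-byte table, the allowlist,
the course directory path and the sample archive are assumptions."""
import io
import os
import posixpath
import zipfile

# Assumed: the magic bytes an image-header check would look for.
IMAGE_MAGIC = {
    "gif": (b"GIF87a", b"GIF89a"),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
}
# Assumed allowlist of types a course document area actually needs.
DOCUMENT_EXTS = {"gif", "png", "jpg", "pdf", "txt"}


def _split(filename):
    base, ext = os.path.splitext(os.path.basename(filename))
    return base, ext.lstrip(".").lower()


def has_image_header(data):
    return any(data.startswith(magics) for magics in IMAGE_MAGIC.values())


def editor_upload(filename, data):
    """Backend editor upload as described: .php is renamed to .phps, anything
    else is accepted as long as it starts with an image header.  Returns the
    stored name, or None when rejected."""
    base, ext = _split(filename)
    if ext == "php":
        return base + ".phps"
    return filename if has_image_header(data) else None


def exercise_upload(filename, data):
    """Course-exercise upload as described: same rename, no header check."""
    base, ext = _split(filename)
    return base + ".phps" if ext == "php" else filename


def hardened_upload(filename, data):
    """Allowlist the extension, require the magic bytes to match that
    extension, and regenerate the stored name.  A .jsp with a GIF header is
    rejected, and a 'GIF89a<% ... %>' polyglot can only be stored as .gif."""
    base, ext = _split(filename)
    if ext not in DOCUMENT_EXTS:
        return None
    if ext in IMAGE_MAGIC and not data.startswith(IMAGE_MAGIC[ext]):
        return None
    if ext == "pdf" and not data.startswith(b"%PDF-"):
        return None
    safe = "".join(c for c in base if c.isalnum() or c in "-_")[:64] or "upload"
    return f"{safe}.{ext}"


def learning_path_import(zip_bytes, course_dir="/courses/EN/document"):
    """Learning-path import as described: every archive entry is written
    under the course document directory without inspection."""
    written = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if not info.is_dir():
                written.append(posixpath.normpath(posixpath.join(course_dir, info.filename)))
    return written


def hardened_import(zip_bytes, course_dir="/courses/EN/document"):
    """Reject the whole archive if any entry would escape course_dir or fails
    hardened_upload; otherwise return the paths that would be written."""
    root = course_dir.rstrip("/") + "/"
    written = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = info.filename
            target = posixpath.normpath(posixpath.join(course_dir, name))
            if posixpath.isabs(name) or not target.startswith(root):
                raise ValueError(f"entry escapes course directory: {name}")
            stored = hardened_upload(name, zf.read(info))
            if stored is None:
                raise ValueError(f"disallowed entry: {name}")
            written.append(posixpath.join(posixpath.dirname(target), stored))
    return written


def import_rejected(zip_bytes):
    """True when hardened_import refuses the archive."""
    try:
        hardened_import(zip_bytes)
    except ValueError:
        return True
    return False


def build_sample_zip(malicious=True):
    """Constructed sample archive: a note and a GIF, plus (when malicious) a
    placeholder JSP shell and a path-traversal entry."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("notes.txt", "lesson 1")
        zf.writestr("pic.gif", b"GIF89a\x01\x00\x01\x00")
        if malicious:
            zf.writestr("shell.jsp", "<% /* webshell body omitted */ %>")
            zf.writestr("../outside.txt", "escaped")
    return buf.getvalue()


if __name__ == "__main__":
    print(editor_upload("shell.jsp", b"GIF89a<% %>"), exercise_upload("shell.jsp", b"<% %>"))
    print(learning_path_import(build_sample_zip()), import_rejected(build_sample_zip()))
```

Renaming .php to .phps is a denylist of one entry, and an image header prepended to a .jsp satisfies a check that only looks at the first bytes; the hardened versions work from an allowlist, match the header to the extension, and treat the archive as untrusted input rather than something to unpack as-is.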
Security tips:
Note: the installation directory (claroline/install/) is still browsable over the network.
This means that anyone may be able to reinstall your platform! We strongly recommend that you protect the directory or delete it from the server.
Security warning: we recommend setting register_globals to off in php.ini.
Author: hualuowusheng (compiled and edited)