Re: CGI scripts & mod_perl

2000-11-19 Thread Ruben I Safir

Find the time to READ the documentation 

Tonight would be a good night.

Ruben
http://www.mrbrklyn.com

> At the moment, I'm just trying to get mod_perl to work and have users'
> scripts use it. I haven't had time to read docs on how to use it, only
> enough to get it going.
> Will it speed up regular scripts?
> Will it reduce the strain on system resources?
> Can I force existing scripts to use it with only a  section? without
> modifying any scripts?
> How can I get confirmation that scripts are actually using it
> 
> --
> Didier Godefroy
> mailto:[EMAIL PROTECTED]
> 
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]





Re: CGI scripts & mod_perl

2000-11-19 Thread Ruben I Safir

> 
> When you're *really* good with mod_perl, you abandon Apache::Registry
> and move up to writing handlers or using embedded templating systems
> like EmbPerl, Mason, or Template Toolkit.

Actually, if you're using EMBPERL, why even BOTHER with the CGI interface
at all.

But I think that EMBPERL uses CGI.pm.  I generally teach CGI for ten
minutes and then jump straight into theoretical Mod_perl and into
Practical EMBPERL.


Ruben
http://www.mrbrklyn.com





Re: Please Help : Problem at ASP

2000-11-13 Thread Ruben I Safir

Why are you sending this to the modperl mailing list.



Re: problems with HTML::Embperl on macos x (darwin)

2000-11-13 Thread Ruben I Safir

Is that the new Macintosh BSD OS?



Re: ASP Editor

2000-11-10 Thread Ruben I Safir

Why would you ask this on a mod perl mailing list?

Use EMACS.



Re: ModPerl job in Manhattan, NY

2000-10-15 Thread Ruben I Safir

 




Ruben I. Safir
1600 East 17th Street
Brooklyn, NY 11230
1-718-382-5752
[EMAIL PROTECTED]


Skills

UNIX, Apache Web Server administration, Networking Administration, 
C programming, Perl and Perl DBI, SQL, UNIX
Script Language, HTML. Introduction to Java and C++.



Operating Systems

Unix, Linux, BSDI, DOS, Windows, NT



Related Skills

PageMaker, PhotoShop, GIF Animation, POV Raytracing 
Art Skills, hardware troubleshooting, PC Installation, Scanning 
Apache Administration, IP Setup.



Experience




Feb 2000
Sapphire Software of Brooklyn -
Installed Slashdot Clone for Client and set up basic IP networking.

March 1999 - Present
The New School -
Teach Perl and Web Technologies in the continuing education program




May 1998 - Present

New York University -
Manager of Intranet and Software Development
and Project Manager.

Wrote numerous database driven Web programs using DBI, ModPerl and Perl.
Installed and imported the clinical database to Oracle on Red Hat Linux.
Ported an Intranet Site from a Windows95 environment to Unix, fixing links
using SED and Perl. Ported a DOS medical database from a flat binary
Database to a MYSQL RDBMS using Perl. As the old database is still being
used live, the port has to be repeated on a daily basis. Fixed large
amounts of bad data. Combined its 5 directories of data because it
originally had a maximum of 32,000 patients. All five database binaries
had to be combined into one MYSQL Database. Designed the new schema and
built a front end for the over 3,000,000 transactions using CGI
techniques, modperl, embperl, javascript and Perl. Installed Apache on
Linux while building modules and perl extensions. Instructed co-workers
in the basics of Unix administration, while creating a secure web server.
Automated the data import to be pooled daily using CRON over IPX from
production servers.



Dec 1994 - Present

Jewish Billboard and Brooklyn on Line - Web Site Administrator
and Page Creator.
Performed webpage creation including CGI writing in C and Perl.
Currently developing a Shopping Cart with client side administration,
and accounting tools. Extensive use of Perl and MYSQL on a BSDI OS.
(http://www.wynn.com/jewish and http://www.brooklynonline) .




July 1997 - December 1997
Maramont Corporation:
Established an Intranet with the Apache Webserver.
Supported about 25 machines on an intranet with Windows Clients and
a UNIX Server. Designed and replaced various windows based document
management programs which were constraining the corporation's ability for
web based technology. Wrote several Perl CGI's to parse our production
label database into CGI - Netscape output. This eased label design. It
permitted the use of Pagemaker to work with the specialized Zebra
Bar-code printers over the UNIX print server. Worked with Fox Pro 2.6a
and a Database product called TRO to support and helped develop a
Purchasing database on Windows 3.11 and Novell. Installed and supported
all corporate software, Photo Shop, Pagemaker, Scanning techniques, Word,
Lotus, etc.




June 1995 - June 1997

Medical Arts - Part-time Pharmacist



Sept 1995 - Feb 1996

Graduate Student Professor at LIU College of Pharmacy in
compounding labs.



Sept 1984 - 1996

Karson Pharmacy - Full and Part-time Pharmacist.



1981 - 1987

US ARMY - Honorable discharge







Education:




Sept - Jan 1998
NYU: C++ and Unix Programming

April - Oct 1996

Cope Institute: Programming course in UNIX Programming, 
Shell Scripting, SQL, embedded SQL in C and Oracle.



Sep 1995 - Feb 1996

LIU: Fellowship and Ph.D. candidate for Pharmaceutics.



Jan 1983 - Sept 1988

LIU Brooklyn Campus: Graduate of Pharmacy

Interests and Hobbies
Birds and Parrots, Art History, Local History, Jazz, NYC, Writing, Teaching Perl and HTML


 




Re: large file uploads

2000-09-12 Thread Ruben I Safir

Maybe you can explain exactly what you need a little clearer?

Ruben



Re: HTML Template Comparison Sheet ETA

2000-09-04 Thread Ruben I Safir

Nah

You do not want the Perl to look like the HTML at all so the HTML
designers aren't confused.

Also - why put so much perl into the page at all?

[- use mymodule.pm -]

Sam Tregar wrote:
> 
> On Mon, 4 Sep 2000, Perrin Harkins wrote:
> 
> > Embedded perl is absolutely the best answer sometimes, but don't
> > underestmate the value of turning your example into this:
> >
> > [% FOREACH thing = list %]
> >   [% thing.name %]
> > [% END %]
> 
> That isn't really much better, in my opinion.  It's still too much of a
> departure from the HTML around it.  Contrast the above to HTML::Template's
> looping:
> 
>   
>  
>   
> 
> With a little education an HTML designer can learn to manipulate the
> template syntax.  You'll have to teach them to program before they can
> deal with a full "foreach" no matter how you dress it up.
> 
> -sam



Re: Passing a hash to a cgi outside a form?

2000-08-23 Thread Ruben I Safir

Passing a Hash is a CGI problem (and done like all hash passing).
Mod_perl is not CGI.

Please - if you can, try to send messages as text only without an
attachment.

Ruben

> perl wrote:
> 
> Hi there!
> 
> Sorry for this question which might sound easy to you, but, does
> anyone know :
> How can a CGI pass and receive a hash without a form?
> 
> Please have a look at the following simple scripts :
> 
> This is test.cgi
> ---
> #!/usr/bin/perl
> use CGI;
> 
> $list->{'value1'} = 'apple';
> $list->{'value2'} = 'fruit';
> 
> print "Location: test2.cgi?list=$list \n\n";
> --
> 
> This is test2.cgi
> --
> #!/usr/bin/perl
> 
> use CGI qw (:standard);
> 
> print header;
> 
> $list = param('list');
> 
> foreach (keys %{$list})
> {
> print "KEY IN LIST = ",$_,br;
> }
> --
> 
> Thank you for your help !

-- 
Ruben I Safir

[EMAIL PROTECTED]
[EMAIL PROTECTED]

Perl Notes:
http://www.wynn.com/jewish/perl_course

http://www.brooklynonline.com
Manager of Intranet Development NYU College of Dentistry
Resume:  http://www.wynn.com/jewish/resume.html



Re: [RFC] holding a mod_perl conference

2000-04-03 Thread Ruben I Safir

The Grand Cayman is not US Virgin Island?

Ruben

"Randal L. Schwartz" wrote:
> 
> >>>>> "Vivek" == Vivek Khera <[EMAIL PROTECTED]> writes:
> 
> >>>>> "Z" == Zeppelin   writes:
> Z> If you spend a week a year in Vegas over a couple of consecutive years,
> Z> you'll rapidly become an expert at "How to attend a conference in Vegas."
> 
> Vivek> Good point.  Let's move the conferences to Grand Cayman, then, since I
> Vivek> just spent a week familiarizing myself with it ;-)  And the weather
> Vivek> there is excellent...
> 
> Well, then I won't be able to go, since I'm still on probation, and
> can't get out of the US.  
> 
> --
> Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
> <[EMAIL PROTECTED]> http://www.stonehenge.com/merlyn/>
> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
> See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!




Re: Modules Lost in EMBPERL

2000-01-06 Thread Ruben I Safir

Gerald Richter wrote:
> 
> > sub new {
> >
> >   my $pkg = shift;
> >   my $fdatref = shift;
> >   my $database = 'patients';
> >   my $obj = bless {
> >   '_fdatref' => $fdatref,
> >   '_balances' => 0, ## array ref for balances
> >   '_prev_patnums' => 0, ## array ref for prev_patnums
> >   '_dbh' => SQLHANDLE->allocate($database)
> >   }, $pkg;
> >   return $obj;
> > }
> 
> One problem could be, if SQLHANDLE->allocate dies (e.g. in getdbh), then
> your object will never returned and will be undef in further [- -] blocks
> 
> You can wrap your constructor in an eval {  } to catch this case.
> 
OK - I can give this a try.  One thing we noticed though, was that it
seemed we had a problem with %fdat.  When I foreached through %fdat to see
what was going on, prior to running anything else from the page which was
called from the database (which is triggering everything else), the
problems seemed to go away.
We are running these pages from HTML::EMBPERL:exec
and I noticed that the latest release has a notice about a bug fix with
%fdat.  Can this be the source of the problem?

> 
> each [- -] is evaled as a separate anoymous sub,

Then the variables declared within the anonymous subroutines are global
to the page being executed?  And the Page itself is in an EVAL block?

> if there are any [* *]
> blocks they are evaled in one sub together, which calls the other subs, but
> this are the current implementation details, which may change in the future
> (e.g. in Embperl 2.0). Anyway I will make sure that scoping remains the
> same.

OK

When the table loops come into play for the [$ WHILE $] come into the
code, are they affecting the scoping in any way?  I noticed, for example,
that $maxrow seems to have local scope to the tables.  How are package
level variables affected?  Obviously, modules have my-scoped variables
within them accessible only through the object.  If we hit the tables or
a loop, are the previous variables holding the object reference still
global and seen under these conditions with the [- -]?

Thanks Mr Gerald (Yoda) Richter

Are you even in NYC?  Would love to get you to talk at one of our
Linux User group meetings.  I'll buy the beers.




Re: Modules Lost in EMBPERL

2000-01-06 Thread Ruben I Safir

Gerald...

Thanks for getting back so quickly,

The FINANCEMOD.pm seems to have a correctly built constructor.  I tried
to spare the list some of the details, but let me just display this
snippet...

package FINANCEMOD;

use strict;
use SQLHANDLE;

sub new {
    my $pkg      = shift;
    my $fdatref  = shift;
    my $database = 'patients';
    my $obj = bless {
        '_fdatref'      => $fdatref,
        '_balances'     => 0,   ## array ref for balances
        '_prev_patnums' => 0,   ## array ref for prev_patnums
        '_dbh'          => SQLHANDLE->allocate($database),  # dies if getdbh dies
    }, $pkg;
    return $obj;
}

__
package SQLHANDLE; #BASE CLASS
use strict;
use DBI;
our @ISA = qw(DBI);

sub allocate {
    my ($pkg)      = shift;
    my ($database) = shift;
    my $r_statement = bless {
        '_fetch_method' => 'fetchall_arrayref',
        '_statement'    => 0,
        '_records'      => 0,
        '_database'     => $database,
        '_dbh'          => SQLHANDLE::getdbh($database),
    }, $pkg;
    return $r_statement;
}

sub getdbh {
    my $database = undef;
    my $objref   = shift;
    if ( ref($objref) ) {
        return $objref->{_dbh};   # called on an object: return its handle
    }
    $database = $objref;
    if ( !$database ) {
        die "getdbh: no database name given\n";   # $! is not set here
    }
    # $DBI::errstr holds the real connect error; $! does not.
    # The credentials are hard-coded as posted; they belong in a config
    # file readable only by the server user, not in the module source.
    my $dbh = DBI->connect( "DBI:mysql:$database:localhost",
                            "root", "let.me.in" ) or die "$DBI::errstr\n";
    return $dbh;
}

_

_

We run into this trouble when people hit the back button.  When trying
to track down the bug, I added a stitch of code to foreach through the
fdat hash.  Then the problems seemed to go away...though we are testing
it currently.  It might be that the fdat array is not being sent,
destroying the object's ability to be defined correctly.


Gerald Richter wrote:
> 
> > I seem to randomly loose my objects from the EMBPERL pages.
> >
> > For example we have one page from the database called with the
> > following code:
> >
> >
> >   1 [- use FINANCEMOD;
> >   2  $obj = FINANCEMOD->new(\%fdat) -]
> >   3
> >
> >  12 [-  $head = $obj->page_head();   -]
> >
> > I get the following error:
> >
> >  Can't call method "page_head" without a package or object
> > reference at somegirls line 12.
> >
> 

> looks like your new returns undef or at least not an object reference
___
> 
> > If we don't include the semicolon after the use statement, the module
> > fails to be called into the program at all.
> >
> 
> That's no wonder. You always need a semicolon to separate two Perl
> statements, that's nothing special about Embperl

:)

Yes.  In order to spare you too much code, I forgot to mention that we
have rewritten the code to be

[- use FINANCEMOD -]

and this fails to take in the module.  It ends with a return 1
statement.

I run into this often.

> 
> >
> > What is the best way to make sure use works in a page?
> >
> 
> use had worked. If not you have seen an error message about "FINANCEMOD"
> >
> > I'm very confused about how the scoping works.  It looks like a bug in
> > EMBPERL.
> 
> I don't think so
> 
> >  The documentation on the scoping is also confusing
> > What exactly is the difference between  [- -] and [* *]?
> >
> 

> From point of scoping, [- -] is wrapped in a Perl { } block,

Does that mean the entire page's embperl is evaluated together as one
eval?

We call a CGI from modules from EMBPERL all under mod_perl.  When we run
into this bug, it seems to happen after [$ $] if or whiles or foreaches.
I've also wondered about $escmod - it might be adding to the trouble as
we are changing it from section to selection.

> while [* *]
> isn't, but this has nothing to do with your problem. Your Embperl code is
> correct, but something inside your new seems to have gone wrong.
> 
> Gerald
> 
> -
> Gerald Richter    ecos electronic communication services gmbh
> Internetconnect * Webserver/-design/-datenbanken * Consulting
> 
> Post:   Tulpenstrasse 5 D-55276 Dienheim b. Mainz
> E-Mail: [EMAIL PROTECTED] Voice:+49 6133 925151
> WWW:http://www.ecos.de  Fax:  +49 6133 925152
> -

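Gerald's suggestion in the earlier message (wrap the constructor in eval { }) applied to the FINANCEMOD/SQLHANDLE pair posted above, as an added example that is not code from the thread: SQLHANDLE::getdbh is replaced by a stub with a constructed "database reachable" switch so the script runs offline, and make_object() is a hypothetical guard that an Embperl [- -] block would call instead of FINANCEMOD->new directly.

```perl
#!/usr/bin/perl
# Added example, not code from the thread. Shows why guarding the
# constructor with eval { } turns a die() deep inside SQLHANDLE::getdbh
# into a message at the point of failure, instead of the later and
# unhelpful "Can't call method "page_head" without a package or object
# reference" that the thread reports.
use strict;
use warnings;

# Stand-in for the SQLHANDLE base class. The real DBI->connect is
# replaced by a constructed switch so the script runs without MySQL;
# the die() mirrors the one in the posted getdbh.
package SQLHANDLE;
our $DB_AVAILABLE = 1;   # constructed: pretend MySQL is reachable

sub getdbh {
    my ($database) = @_;
    die "getdbh: no database name given\n" unless $database;
    die "getdbh: connect to $database failed\n" unless $DB_AVAILABLE;
    return "dbh-for-$database";   # stub, not a real DBI handle
}

sub allocate {
    my ( $pkg, $database ) = @_;
    # If getdbh dies here, allocate never returns and neither does new().
    return bless { _database => $database, _dbh => getdbh($database) }, $pkg;
}

# Same shape as the FINANCEMOD constructor posted above.
package FINANCEMOD;

sub new {
    my ( $pkg, $fdatref ) = @_;
    my $database = 'patients';
    return bless { _fdatref => $fdatref,
                   _dbh     => SQLHANDLE->allocate($database) }, $pkg;
}

sub page_head {
    my ($self) = @_;
    return "Patient " . $self->{_fdatref}{patnum};
}

package main;

# What the [- -] block would do: build the object under eval and check
# the outcome before any later block calls a method on it.
sub make_object {
    my ($fdat) = @_;
    my $obj = eval { FINANCEMOD->new($fdat) };
    if ( !defined $obj ) {
        # The real cause is logged here; the page can render an error
        # instead of dying on $obj->page_head() twelve lines later.
        warn "FINANCEMOD->new failed: " . ( $@ || "returned undef\n" );
        return;
    }
    return $obj;
}

# Constructed stand-in for %fdat.
my %fdat = ( patnum => 42 );

my $obj = make_object( \%fdat );
print $obj->page_head, "\n" if $obj;

# Now simulate the database being unreachable (what a dying getdbh
# looks like to the page).
$SQLHANDLE::DB_AVAILABLE = 0;
my $obj2 = make_object( \%fdat );
print $obj2 ? "unexpected\n" : "constructor failed; page can show an error instead\n";
```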



@INC and make test

1999-12-07 Thread Ruben I Safir
ext.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core

AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^

DefaultIcon /icons/unknown.gif

ReadmeName README
HeaderName HEADER

IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t

AddEncoding x-compress Z
AddEncoding x-gzip gz tgz

AddLanguage en .en
AddLanguage fr .fr
AddLanguage de .de
AddLanguage da .da
AddLanguage el .el
AddLanguage it .it

LanguagePriority en fr de

AddType application/x-tar .tgz

AddHandler cgi-script .cgi

BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0

BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0


PerlSendHeader On

SetEnv EMBPERL_VIRTLOG /tmp/embperl
PerlSetEnv EMBPERL_DEBUG 2284
PerlModule Apache::EmbperlChain
PerlModule Apache::OutputChain


SetHandler perl-script
#PerlSetVar Filter On
#PerlHandler Apache::BaseRefEmbPerl
PerlHandler Apache::OutputChain Apache::EmbperlChain Apache::BASEREF

#PerlHandler HTML::Embperl
Options ExecCGI








Re: Another IE5 complaint

1999-11-24 Thread Ruben I Safir

SWQAAK




Tim Tompkins wrote:
> 
> Is this horse dead yet?!?  I don't know, but let's kick it an' see if it
> squeels!
> 
> Thanks,
> 
> Tim Tompkins
> 



Re: Another IE5 complaint

1999-11-23 Thread Ruben I Safir

That would only work for unix?  Or will that mess with windows as well?


Tom Christiansen wrote:
> 
> >Are you going to
> >complain about all the 404 errors in your log, or are you going to use a
> >simple RewriteRule to give people the information they are seeking?
> 
> Well, in the Microsoft case, I'd probably dynamically rewrite the link
> to file:///dev/mouse or file:///dev/zero, if that made any sense to
> those denizens.
> 
> But that's just me. :-)
> 
> --tom




Re: Another IE5 complaint

1999-11-23 Thread Ruben I Safir

 

Is this sort of thing implemented in Netscape?  Is rev and rel
implemented in any fashion?





EMBPERL: Possible bug

1999-11-10 Thread Ruben I Safir

We are running a lot of embperl stuff and are running into a rather
unusual problem when data is entered into a form with
00 (zero-zero) endings including 300, 400, etc.

Has anyone seen a bug of this sort?

We store our EMBPERL HTML pages in mysql databases and then call them.



I think I've determined that our "00" error is less specific than that. 
It seems like it can happen on any given page EmbPerl page from the
database.  I'm quite sure the whole "00" thing is just a coincidence. 
It really seems like an EmbPerl oddity, so it seems like asking on the
mod_perl group is the only hope.  I've taken out all non-numeric
characters from zip code, chart number, and social security number and
explicitly converted them to integers.  No luck.  And I quotemeta'd all
of them.

In frustration to do something productive instead of looking through
pages and pages of misleading Embperl error messages, I added a small
navigation option menu to the bottom of every patients.cgi page.  It
seems to be working without a hitch...





[Fwd: Embperl system interpolation]

1999-10-15 Thread Ruben I Safir

 


Gary,
These are two commands that we've tested in a perl script and it printed out
hello as it is supposed to (the second example).
${system(echo hello)}
${system('echo hello')}

We tried to put this into a form on the web and see what Embperl would do
with this. And we got nothing. It inputted both of these statements into
the database as a string. Is there anything in embperl that prevents
this call from going to the system? This code produced errors on a different
page that we use to authenticate passwords where this code was looked at
by DBI and tried to create an SQL call (following is the err msg)
[17074]ERR: 32: Line 14: Warning in Perl code: DBD::mysql::st execute
failed: You have an error in your SQL syntax near 'echo hello')}')' at
line 1 at /usr/lib/perl5/SQLHANDLE.pm line 118.

So, both of these pages are embperl pages, but why the error in one place
and not in the other?

-Akshay






Re: PC Week: Attacked and hacked!

1999-10-13 Thread Ruben I Safir

Matt -

I share your sentiments but I would like to point out a few things about
the use of CGI.pm and Embperl and/or Modperl which would be
different than if I was writing the uudecoding by myself.

Normally, I would parse out metachars in the process of decoding input
from the browser.  When I use embperl, (and CGI.pm by default),
everything is in a nice HASH for me.  What's to stop someone from
entering metachars of {}, or other perl code into a field and have it
processed by embperl?

My own decoding routines only let in what I deem safe.  CGI.pm is doing
this for me.
Is the data input being scrubbed or checked?

Ruben



Matt Sergeant wrote:
> 
> On Tue, 12 Oct 1999, Ruben I Safir wrote:
> > Dear Boss
> >
> > Thanks for pointing this article from PC Week out.
> >
> > I've already read and reviewed this, and discussed it with the hacker
> > after it was announced 3 weeks ago on http://slashdot.org.
> > The hacker attacked a shrink wrapped CGI application with a documented
> > hackers weakness that has been passed around the net.
> >
> >
> >
> > See: http://slashdot.org/articles/99/09/24/1224221.shtml
> >
> >
> >
> >
> > Note this discussion below which has been reviewed.  Please review it as
> > well so that everyone is fully versed in the details of network security.
> >
> > I'm wondering if anyone else has comments on this.  How secure is CGI.pm
> > and EMBPERL?
> 
> All CGI scripts, no matter what language they are written in, can be
> insecure. There's no need to discuss this here - simply read the cert's CGI
> script security document. If you haven't read it and follow its
> precautions (which the developers of the photoads script obviously didn't)
> then you shouldn't be developing secure web sites. There's really nothing
> further to discuss.
> 
> --
> 
> 
> Details: FastNet Software Ltd - XML, Perl, Databases.
> Tagline: High Performance Web Solutions
> Web Sites: http://come.to/fastnet http://sergeant.org
> Available for Consultancy, Contracts and Training.
> 
> -
> Please check "http://www.mysql.com/Manual_chapter/manual_toc.html" before
> posting. To request this thread, e-mail [EMAIL PROTECTED]
> 
> To unsubscribe, send a message to the address shown in the
> List-Unsubscribe header of this message. If you cannot see it,
> e-mail [EMAIL PROTECTED] instead.



Re: PC Week: Attacked and hacked!

1999-10-12 Thread Ruben I Safir

Dear Boss

Thanks for pointing this article from PC Week out.  

I've already read and reviewed this, and discussed it with the hacker
after it was announced 3 weeks ago on http://slashdot.org.
The hacker attacked a shrink wrapped CGI application with a documented
hackers weakness that has been passed around the net.



See: http://slashdot.org/articles/99/09/24/1224221.shtml 




Note this discussion below which has been reviewed.  Please review it as
well so that everyone is fully versed in the details of network security.

I'm wondering if anyone else has comments on this.  How secure is CGI.pm
and EMBPERL?

Ruben

PS - Note the following from slashdot.org.  This is being sent out
broadly for increased discussion on the issue.





dated Sept 24
Author: pankaj (10.0.0.1)
Date: 09-25-1999 00:16

Kudos to Jfs, here are the details straight from the horse's
mouth. We'll post them on the Linux site homepage later

First of all, I had to gather information on the remote
host, what ports the machine had open and what possibilities were 
left open. After checking that most of the ports were either
filtered by the firewall or unusable due to the tcp 
wrapper in the host, I decided that I was left only with the
HTTP server. 

lemming:~# telnet securelinux.hackpcweek.com 80 
Trying 208.184.64.170... 
Connected to securelinux.hackpcweek.com. 
Escape character is '^]'. 
POST X HTTP/1.0 

HTTP/1.1 400 Bad Request 
Date: Fri, 24 Sep 1999 23:42:15 GMT 
Server: Apache/1.3.6 (Unix) (Red Hat/Linux) 
(...) 
Connection closed by foreign host. 
lemming:~# 

So, it was running apache on a Red Hat box. The webpage said
that the server will also run mod_perl, but mod_perl leaves 
a fingerprint in the Server: header which was not shown in
the header that this server sent out. 

Apache 1.3.6 doesn't ship with any CGI programs available to
the remote user, but I didn't know about the RH distro, so I 
gave the common faulty CGIs a try (test-cgi, wwwboard,
Count.cgi...) 

After no results, I tried to find out what the website
structure was, gathering information from the HTML pages, I found
out that the server had these directories under the
DocumentRoot of the website:

/ 
/cgi-bin 
/photoads/ 
/photoads/cgi-bin 

So I got interested in the photoads thingie, which seemed
like an installable package to me. After some searching on the 
WWW I found out that photoads was a commercial CGI package
from "The Home Office Online" 
(http://www.hoffice.com). It sells for $149, and they grant
you access to the source code (Perl), so that you can check 
and modify it. 

I asked a friend if he would let me have a look at his
photoad installation
and this is how I got access to a copy of what could be
running in the securelinux machine. 

I checked the default installation files and I was able to
retrieve the ads database (stored in the 
http://securelinux.hackpcweek.com/photoads/ads_data.pl) with
all the user passwords for their ads. I also tried to access 
the configuration file /photoads/cgi-bin/photo_cfg.pl but
because of the server setup I couldn't get it. 

I got the /photoads/cgi-bin/env.cgi script (similar to
test-cgi) to give me details of the server such as the location in 
the filesystem of the 
DocumentRoot (/home/httpd/html) apart from other interesting
data (user the 
server runs as, in this case nobody). 

So, first things first, I was trying to exploit either SSI
(Server side includes) or the mod_perl HTML-embedded commands, 
which look something like: 

for SSI 
for mod_perl 

The scripts filtered this input on most of the fields,
through a perl regexp that didn't leave you with much room to 
exploit. But I also found a user assigned variable that
wasn't checked for strange values before making it into the HTML 
code, which will let me embed the commands inside the HTML
for server side parsing: 

In post.cgi, line 36:
print "you are trying to post an AD from another URL: $ENV{'HTTP_REFERER'}\n";

The $ENV{'HTTP_REFERER'} is a user provided variable (though
you have to know a bit of how HTTP headers work in order to 
get it right), which will allow us to embed any HTML into
the code, regardless of what the data looks like. 

Refer to the files getit.ssi and getit.mod_perl for the
actual exploit. 
To exploit it, do something like: 

lemming:~# cat getit.ssi | nc securelinux.hackpcweek.com 80
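An added Perl script, not code from the thread, Embperl or photoads, that demonstrates the defender's side of the three questions raised in these messages: whether a form value like ${system('echo hello')} is executed, why it produced the DBD::mysql syntax error in Akshay's forwarded message (SQL built by string interpolation) and how placeholders avoid that, and how an echoed header such as HTTP_REFERER is kept from being interpreted by a server-parsed page. It assumes DBD::SQLite is installed for an in-memory table; the form data and referer strings are constructed.

```perl
#!/usr/bin/perl
# Added example, not code from the thread, Embperl or photoads.
use strict;
use warnings;
use DBI;   # assumes DBD::SQLite is installed; the table lives in memory

# Constructed form input, as CGI.pm or Embperl leave it in the param hash.
my %fdat = ( username => q{${system('echo hello')}}, chart => '300' );

# 1. The value is an ordinary string. Perl interpolates variables when it
#    compiles source, not when it handles data, so nothing here runs
#    unless some code eval()s the string or hands it to a shell.
sub is_plain_string {
    my ($value) = @_;
    return $value eq q{${system('echo hello')}};
}

my $dbh = DBI->connect( 'dbi:SQLite:dbname=:memory:', '', '',
                        { RaiseError => 1, PrintError => 0 } );
$dbh->do('CREATE TABLE users (username TEXT, chart TEXT)');

# 2a. SQL built by interpolation: the quotes inside the value end the
#     literal early. That is the "error in your SQL syntax near
#     'echo hello')}')'" in Akshay's message, and the same hole that
#     lets crafted input change the query.
sub insert_by_interpolation {
    my ($f) = @_;
    my $sql = "INSERT INTO users (username, chart) "
            . "VALUES ('$f->{username}', '$f->{chart}')";
    my $ok = eval { $dbh->do($sql); 1 };
    return $ok ? 'ok' : "failed: $@";
}

# 2b. Placeholders pass the value to the driver separately from the SQL,
#     so it is stored verbatim, quotes and braces included.
sub insert_by_placeholder {
    my ($f) = @_;
    $dbh->do( 'INSERT INTO users (username, chart) VALUES (?, ?)',
              undef, $f->{username}, $f->{chart} );
    my ($stored) = $dbh->selectrow_array(
        'SELECT username FROM users WHERE chart = ?', undef, $f->{chart} );
    return $stored;
}

# 3. Output side: post.cgi printed $ENV{'HTTP_REFERER'} straight into a
#    page that SSI or an embedded-Perl handler then parsed. Escaping the
#    header before it reaches the page means the text can only be
#    displayed, never interpreted as markup or a directive. Checking it
#    against a URL pattern first is an independent second layer.
sub html_escape {
    my ($s) = @_;
    $s =~ s/&/&amp;/g;  $s =~ s/</&lt;/g;  $s =~ s/>/&gt;/g;  $s =~ s/"/&quot;/g;
    return $s;   # HTML::Entities or CGI::escapeHTML do the same job
}

sub referer_message {
    my ($referer) = @_;
    return 'you are trying to post an AD from another URL: ' . html_escape($referer);
}

# Constructed stand-ins for a request header.
my $tagged_referer = q{http://example.invalid/?x=<b>bold</b>};
my $plain_referer  = q{http://example.invalid/photoads/post.html};

print is_plain_string( $fdat{username} ) ? "form value is an inert string\n" : "?\n";
print insert_by_interpolation( \%fdat ), "\n";
print insert_by_placeholder( \%fdat ),   "\n";
print referer_message($_), "\n" for $tagged_referer, $plain_referer;
```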