
Re (tilly) 1: Run arbitrary UNIX commands on webserver without telnet

by tilly (Archbishop)
on Oct 30, 2001 at 19:39 UTC


in reply to Run arbitrary UNIX commands on webserver without telnet

I far prefer the tried and true:
    use CGI qw(:standard);
    # Time passes
    open(IN, param("input_file"));
    # and do the rest of the apparently innocuous program
The proper usage of this handy command runner I leave to your imagination, a close read of open's semantics, and a reminder that if you know how to do a URI encoding, you can put pipes etc into the filename.

Yes. This is a warning about a basic security mistake that you may be making without realizing it...
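
The contrast between the two-argument open in the post above and the three-argument form with an allowlisted name, as an added example that is not part of the original post or thread. `$BASE_DIR`, `two_arg_meaning`, `safe_name`, `open_input` and the sample values are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use File::Spec;

# Assumption: input files live in one directory (hypothetical path).
my $BASE_DIR = '/var/www/data';

# Describe how two-argument open() would interpret a name (see perldoc -f open).
# Nothing is opened or executed here.
sub two_arg_meaning {
    my ($name) = @_;
    (my $t = $name) =~ s/^\s+|\s+$//g;    # surrounding whitespace is ignored
    return 'dup of STDIN'    if $t eq '-';
    return 'command (pipe)'  if $t =~ /^\|/ || $t =~ /\|$/;
    return 'write or append' if $t =~ /^(?:\+?>|\+<)/;
    return 'read a file';
}

# Allowlist: a bare file name, no path separators, no mode or pipe characters.
sub safe_name {
    my ($name) = @_;
    return undef unless defined $name;
    return $name =~ /\A([A-Za-z0-9_][A-Za-z0-9_.-]{0,63})\z/ ? $1 : undef;
}

# Hardened open: the mode is fixed by the code, so the name is only ever a path.
sub open_input {
    my ($name) = @_;
    my $safe = safe_name($name);
    return undef unless defined $safe;
    my $path = File::Spec->catfile($BASE_DIR, $safe);
    open(my $fh, '<', $path) or return undef;
    return $fh;
}

# Constructed sample values, as a CGI parameter looks after URI decoding.
for my $name ('report.txt', ' notes.txt ', '>report.txt',
              'some_command |', '../report.txt') {
    printf "%-18s two-arg: %-16s hardened: %s\n",
        "[$name]", two_arg_meaning($name),
        defined(safe_name($name)) ? 'accepted' : 'rejected';
}
```

In the CGI script, `open_input(param("input_file"))` would take the place of the bare `open(IN, ...)` call, with an undefined return handled as an error.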


Replies are listed 'Best First'.
Re(dmm) 2: Run arbitrary UNIX commands on webserver without telnet
by dmmiller2k (Chaplain) on Oct 30, 2001 at 19:42 UTC

    Very stealthy. And concise.

    dmm

    
    You can give a man a fish and feed him for a day ...
    Or, you can teach him to fish and feed him for a lifetime
    
