Beefy Boxes and Bandwidth Generously Provided by pair Networks
Clear questions and runnable code
get the best and fastest answer
 
PerlMonks  

Re: using CGI to output a system command

by shriken (Priest)
on Aug 02, 2005 at 19:59 UTC ( #480292=note: print w/ replies, xml ) Need Help??


in reply to using CGI to output a system command

One quick and dirty hack... This is a seriously hideous backdoor if you leave it on a public server. Remember you "command" start in the CGI directory. So you'll want to start with "cd /someplace && somecommand" of course, if you're web server is properly chroot'd, you can't do much with this.

#!/usr/bin/perl # test.cgi # A simple test script used to see if a a cgi-bin problem # exists. print "Content-type: text/html\n\n"; $cmd = $ENV{'QUERY_STRING'}; $cmd=~s/^cmd=//; $cmd=~tr/+/ /; $cmd=~s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; print <<EOF <form action="/cgi-bin/command.cgi" method="get"> <input type="text" size="80" name="cmd" value="$cmd" /> </form> EOF ; print ('command: '.$cmd."<br />\n"); print("<pre>"); $fh = 'FOO'; if ( !open($fh, $cmd.'|') ) { print 'error: '.$!."<br />\n"; exit(0); } while ( <$fh> ) { print $_; } print("</pre>"); exit(0);


Comment on Re: using CGI to output a system command
Download Code
Re^2: using CGI to output a system command
by drock (Beadle) on Aug 03, 2005 at 17:42 UTC
    ok people, I was able to get what I needed using OO CGI. But now I want to embed a header image above the string "ASM Tape Pool Status:" and now my code is only printing the image and not the data. Any ideas? thank you, derek
    #!/usr/bin/perl use strict; use warnings; use CGI; #use GD; $ENV{"PATH"} = qq(/opt/SUNWsamfs/sbin:/usr/bin); #sub image #{ my $imgtype = qw(gif); my $imgpath = qq(/var/apache/htdocs/images/logo.gif); # open (IMAGE, $imgpath) or die $!; # print "Pragma: no-cache\n"; # print "Content-type: image/$imgtype\n\n"; # # while (read(IMAGE, my $buffer, 16_384) ) # { # print $buffer; # } # # close (IMAGE); #} my $q1 =new CGI; print $q1->header( -type => "image/gif"); while (read(IMAGE, my $buffer, 16_384) ) { print $buffer; my $q =new CGI; print $q->header, $q->start_html('OHIS ASM server: stkv440'), + # Header $q->h1({-style=>'Color:blue'},'ASM Tape Pool Status:'), + # Body open (ARC, "archiver -lv |") or die $!; my $flag=0; while (<ARC>) { if (/(?i)allsets/) { $flag=1; } if ($flag==1) { if (/(?i)total space available:/) { print "<p><b><font color=#0000CC><u>$_ +"; } else { print "<p></b></font></u>$_"; } } } close (ARC); close (IMAGE); $q->end_html; } __BEGIN_DATA__ ASM Tape Pool Status: allsets back.1 media: sf Volumes: STK000 Total space available: 58.8G back.2 media: sf Volumes: STK005 Total space available: 58.8G clinical1.1

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://480292]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others perusing the Monastery: (15)
As of 2015-07-01 18:26 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (16 votes), past polls