Beefy Boxes and Bandwidth Generously Provided by pair Networks
XP is just a number
 
PerlMonks  

Re: CGI textfield injection

by Tanalis (Curate)
on Jul 28, 2005 at 21:03 UTC ( [id://479132]=note: print w/replies, xml ) Need Help??


in reply to CGI textfield injection

I could, but I won't. While your intentions might be honourable enough, there's no guarantee that the next person who reads this thread will have the same innocuous intentions.

You can almost certainly set up suitable logging via your web server to trap the request that's being made that's causing the malicious content to be injected. That should allow you to figure out how to simulate the request, and hence help you close the hole.

Sorry to not be more help.

Update: Yet another grammatical fix.

Replies are listed 'Best First'.
Re^2: CGI textfield injection
by cmic (Acolyte) on Jul 29, 2005 at 12:14 UTC
    Hello Foxclub. I do agree with your explanations. I'm gonna find a way to test a similar idea and get the client/server messages to guess what happens. I understand it could be dangerous to publish such code here.
    Next time, maybe...
    -- cmic. Life helps. Perl Too.

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://479132]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others surveying the Monastery: (3)
As of 2024-03-29 07:28 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found