I'm on slashdot!

Joel Meulenberg joelmeulenberg at yahoo.com
Wed Nov 8 23:53:47 CST 2000


Wow, kewL!
I saw that article and had no idea it was from you!

> OK, just wanted to brag.

He who tooteth not his own horn, his horn remains untooted!


> How does this relate to perl?  Um... I have a commandline.cgi perl script
> that lets you do anything to the "unbreakable" system; gives you root from
> a browser.

If you don't mind publishing it, I'd love to see your commandline.cgi
script.  I've written a few of those in the past - usually for better
interactivity with free web space accounts that don't allow telnet
access.

Here's an example of the only one I've kept around:

#!/usr/local/bin/perl -w
$|++;
use strict;
use CGI qw(:standard);

my $hist_size = 5;

my ($stdout, @hist);
if (my $cmd = param('cmd')) {
    $stdout = `$cmd 2>&1`;  # Execute command and gather stdout and stderr.
    @hist = split(/\n/, param('hist'));
    @hist = @hist[$#hist-$hist_size+2..$#hist] if @hist >= $hist_size;
    push @hist, $cmd;  # Append latest command to CGI shell hist
    param('hist',join("\n",@hist));
}

print
  header()
 ,start_html('CGI Shell')
 ,'<!--#echo banner=""-->'
 ,"<PRE>"
 ,start_form()
 ,hidden(-name=>'hist')
 ,"         "
 ,scrolling_list(
     -name=>'hist_choice'
    ,"values"=>[@hist]
    ,-size=>$hist_size
    ,-onChange=>"this.form.cmd.value = this.value; this.form.cmd.focus();"
  )
 ,"<BR>"
 ,"/bin/sh> ",textfield(-name=>'cmd', -size=>80, -maxlength=>256)
 ,end_form()
 ,"<HR>"
 ,$stdout
 ,"</PRE>"  
 ,end_html()
;



+Joel
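
For anyone auditing a web root, the defining trait of the script in this message is a request parameter reaching backticks unfiltered. The following is an added example, not part of the original post: a heuristic Python scan for that flow in Perl CGI source. The sample scripts and the function name find_param_to_shell are constructed for illustration.

```python
import re

# Constructed sample reproducing the pattern in the script above:
# a request parameter interpolated straight into backticks.
SAMPLE_SHELL = r'''
use CGI qw(:standard);
if (my $cmd = param('cmd')) {
    my $out = `$cmd 2>&1`;  # runs whatever the client sent
}
'''

# Constructed benign sample: reads a parameter, runs only a fixed command.
SAMPLE_BENIGN = r'''
use CGI qw(:standard);
my $name = param('name');
system('/usr/bin/uptime');
'''

# Scalars assigned directly from CGI.pm's param(), function or method form.
ASSIGN = re.compile(r'\$(\w+)\s*=\s*(?:\$\w+->)?param\s*\(')
NOT_IDENT = r'(?<![$@%\w>])'  # skip variables/methods named like a sink
SINKS = [
    ('backticks', re.compile(r'`([^`]*)`')),
    ('qx', re.compile(NOT_IDENT + r'qx\s*[({/](.*?)[)}/]')),
    ('system/exec', re.compile(NOT_IDENT + r'(?:system|exec)\b([^;]*)')),
]

def find_param_to_shell(source):
    """Return sorted (line, sink, variable) triples where request input reaches a sink."""
    tainted = set(ASSIGN.findall(source))
    findings = set()
    for lineno, line in enumerate(source.splitlines(), 1):
        code = re.sub(r'(^|\s)#.*', '', line)  # crude comment strip, keeps $#array
        for sink, rx in SINKS:
            for m in rx.finditer(code):
                arg = m.group(1)
                for var in re.findall(r'\$(\w+)', arg):
                    if var in tainted:
                        findings.add((lineno, sink, var))
                if re.search(r'\bparam\s*\(', arg):  # param() used inline
                    findings.add((lineno, sink, 'param()'))
    return sorted(findings)

if __name__ == '__main__':
    for hit in find_param_to_shell(SAMPLE_SHELL):
        print('line %d: $%s reaches %s' % hit)
```

This is a triage heuristic rather than real taint tracking: it also flags list-form system() calls that take a parameter, and it misses values copied through intermediate variables.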






More information about the grand-rapids-pm-list mailing list