I'm on slashdot!
Joel Meulenberg
joelmeulenberg at yahoo.com
Wed Nov 8 23:53:47 CST 2000
Wow, kewL!
I saw that article and had no idea it was from you!
> OK, just wanted to brag.
He who tooteth not his own horn, his horn remains untooted!
> How does this relate to perl? Um... I have a commandline.cgi perl
> script
> that let's you do anything to the "unbreakable" system; gives you
> root from
> a browser.
If you don't mind publishing it, I'd love to see your commandline.cgi
script. I've written a few of those in the past - usually for better
interactivity with free web space accounts that don't allow telnet
access.
Here's an example of the only one I've kept around:
#!/usr/local/bin/perl -w
$|++;
use strict;
use CGI qw(:standard);
my $hist_size = 5;
my ($stdout, @hist);
if (my $cmd = param('cmd')) {
$stdout = `$cmd 2>&1`; # Execute command and gather stdout and
stderr.
@hist = split(/\n/, param('hist'));
@hist = @hist[$#hist-$hist_size+2..$#hist] if @hist >= $hist_size;
push @hist, $cmd; # Append latest command to CGI shell hist
param('hist',join("\n", at hist));
}
print
header()
,start_html('CGI Shell')
,'<!--#echo banner=""-->'
,"<PRE>"
,start_form()
,hidden(-name=>'hist')
," "
,scrolling_list(
-name=>'hist_choice'
,"values"=>[@hist]
,-size=>$hist_size
,-onChange=>"this.form.cmd.value = this.value;
this.form.cmd.focus();"
)
,"<BR>"
,"/bin/sh> ",textfield(-name=>'cmd', -size=>80, -maxlength=>256)
,end_form()
,"<HR>"
,$stdout
,"</PRE>"
,end_html()
;
+Joel
__________________________________________________
Do You Yahoo!?
Thousands of Stores. Millions of Products. All in one Place.
http://shopping.yahoo.com/
More information about the grand-rapids-pm-list
mailing list