Re: Re: Re: Encrypting Largish Files


XP is just a number
	PerlMonks

Re: Re: Re: Encrypting Largish Files

by blakem (Monsignor)

on Sep 24, 2001 at 23:15 UTC ( [id://114404]=note: print w/replies, xml )

Need Help??

in reply to Re: Re: Encrypting Largish Files
in thread Encrypting Largish Files

You're probably fooling youself a bit... The first stage in almost any cgi exploit is to find a way to read the source code. There are lots of ways to do this, but a classic one is to use one insecure CGI to read the source of another. I frequently get entries in my access_log that look like this:

GET http://whatever.com/cgi-bin/some.cgi?file=../cgi-bin/someother.cgi
[download]

If the author of some.cgi wasn't careful, its possible that some.cgi will spit back the source to someother.cgi.

-Blake

Comment on Re: Re: Re: Encrypting Largish Files Download Code

In Section Seekers of Perl Wisdom

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://114404]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others chilling in the Monastery: (4)

As of 2024-04-20 00:45 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found