Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl: the Markov chain saw
 
PerlMonks  

Re: Re: Re: Encrypting Largish Files

by blakem (Monsignor)
on Sep 24, 2001 at 23:15 UTC ( #114404=note: print w/replies, xml ) Need Help??


in reply to Re: Re: Encrypting Largish Files
in thread Encrypting Largish Files

You're probably fooling youself a bit... The first stage in almost any cgi exploit is to find a way to read the source code. There are lots of ways to do this, but a classic one is to use one insecure CGI to read the source of another. I frequently get entries in my access_log that look like this:
GET http://whatever.com/cgi-bin/some.cgi?file=../cgi-bin/someother.cgi
If the author of some.cgi wasn't careful, its possible that some.cgi will spit back the source to someother.cgi.

-Blake

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://114404]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others musing on the Monastery: (2)
As of 2022-10-01 11:36 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    I prefer my indexes to start at:




    Results (126 votes). Check out past polls.

    Notices?