It is also very dangerous because you could have admins preserving this security hole in automatic backups, or you could have a disgruntled employee use it. Maybe you can compromise important passwords (db server? other hosts?) by showing them to other people through the shell environment variable.

What would be really dangerous is for it to be pushed from a staging server to live server in a general upload that the corporate hosting service does for you. You may not ever be able to tell what is in that directory yourself, and like one large hosting service I know, there may be nobody with brainpower in the loop on their side either.

If you really needed to know something about your server I don't see why you wouldn't just modify your main cgi program to print the data out, then erase that debugging code later.

Of course I tell clients to only use telnetable systems, or to switch to a cheaper provider which has them.. at the very least you will be very sorry when you suddenly need to use compiled C code.

I can imagine a situation where you might want to do something in 5 minutes and you are in trouble, but there is no justification for making a general shell exploit and posting it on perlmonks. I can't see a lot of use for it except as a way to do mischief.

In reply to Re: Run arbitrary UNIX commands on webserver without telnet by mattr
in thread Run arbitrary UNIX commands on webserver without telnet by dmmiller2k

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.