notes

Guest on 11th October 2021 10:04:12 AM

Put site-specific values into a "settings.pl" file.
Also put in a routine for sanitizing input data.
  Crude, but helps.
Got "submit.pl" working again, and reproduced the hack by submitting a
  file name of "../test"; then put the sanitize routine in place, and
  verified that the hack no longer worked.  Using a single period
  to.separate.fields in the filename should still work, but double-periods,
  slashes, and such are not allowed.

The search function was also vulnerable, since Perl allows all kinds
of wacky stuff inside a search string, including executable code.
Now I've sanitized the search string, which eliminates the power of
doing arbitrary searches, but I doubt that function was much used.
I'll add info on how to use Google to search the archive.

Also sanitized the passwords, which sometimes appear in backticked
shell escapes (e.g., 'system ("echo $password...")').
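
An added example, not code from the paste or its author: one way the three fixes described in these notes could look in Perl. The sub names and sample inputs are assumptions; the sanitize routine actually placed in "settings.pl" is not shown on the page.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical helper: accept a name only if it is fields of letters, digits,
# '_' or '-' joined by single periods. Double periods, slashes, a leading
# period or a trailing newline are rejected rather than repaired.
sub sanitize_filename {
    my ($name) = @_;
    return undef unless defined $name && length($name) <= 255;
    # \A and \z anchor the whole string; unlike $, \z refuses a trailing newline.
    return $name =~ /\A([A-Za-z0-9_-]+(?:\.[A-Za-z0-9_-]+)*)\z/ ? $1 : undef;
}

# Hypothetical helper: match the search string as literal text. quotemeta
# escapes every regex metacharacter, so the input adds no regex syntax.
sub literal_search {
    my ($needle, @lines) = @_;
    my $re = quotemeta $needle;
    return grep { /$re/i } @lines;
}

# Hypothetical helper: hand a value to an external program as one argv entry.
# The list form of open starts no shell, so backticks, ';' and '$' stay data.
sub run_echo {
    my ($value) = @_;
    open(my $fh, '-|', 'echo', $value) or die "cannot run echo: $!";
    my $out = do { local $/; <$fh> };
    close $fh;
    return $out;
}

# Constructed sample inputs.
for my $name ('to.separate.fields', '../test', 'a..b', 'dir/file', "ok.txt\n") {
    (my $shown = $name) =~ s/\n/\\n/g;
    my $verdict = defined(sanitize_filename($name)) ? 'accepted' : 'rejected';
    printf "%-20s %s\n", $shown, $verdict;
}
my @hits = literal_search('a.b', 'Re: a.b question', 'aXb unrelated');
print "literal hits: @hits\n";
print run_echo(q{s3cret`date`;$HOME});
```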
