Execute CGI
We can have a CGI script executed without
having to bother with AddHandler
,
SetHandler
, or ExecCGI.
The
file exec.shtml contains the following:
<!--#config errmsg="Bungled again!"--> We're now going to execute 'cmd="ls -l"'': << <!--#exec cmd="ls -l"--> >> and now /usr/www/APACHE3/cgi-bin/mycgi.cgi: << <!--#exec cgi="/cgi-bin/mycgi.cgi"--> >> and now the 'virtual' option: << <!--#include virtual="/cgi-bin/mycgi.cgi"--> >> That was it.
There are two attributes available to exec
:
cgi
and cmd
. The
difference is that cgi
needs a URL (in this case
/cgi-bin/mycgi.cgi, set up by the
ScriptAlias
line in the Config file) and is
protected by suEXEC if configured, whereas
cmd
will execute anything.
There is a third way of executing a file, namely, through the
virtual
attribute to the
include
command. When we select
exec.shtml from the browser, we get this result:
We're now going to execute 'cmd="ls -l"'': << total 24 -rw-rw-r-- 1 414 xten 39 Oct 8 08:33 another_file -rw-rw-r-- 1 414 xten 106 Nov 11 1997 echo.shtml -rw-rw-r-- 1 414 xten 295 Oct 8 10:52 exec.shtml -rw-rw-r-- 1 414 xten 174 Nov 11 1997 include.shtml -rw-rw-r-- 1 414 xten 206 Nov 11 1997 size.shtml -rw-rw-r-- 1 414 xten 269 Nov 11 1997 time.shtml >> and now /usr/www/APACHE3/cgi-bin/mycgi.cgi: << Have a nice day >> and now the 'virtual' option: << Have a nice day >> That was it.
A prudent webmaster should view the cmd
and
cgi
options with grave suspicion, since they let writers of SSIs give both themselves and outsiders ...
Get Apache: The Definitive Guide, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.