Annotation of embedaddon/thttpd/cgi-src/phf.c, revision 1.1

1.1     ! misho       1: /* phf - cracker trap
        !             2: **
        !             3: ** Old distributions of the NCSA and Apache web servers included a
        !             4: ** version of the phf program that had a bug.  The program could
        !             5: ** easily be made to run arbitrary shell commands.  There is no real
        !             6: ** legitimate use for phf, so any attempts to run it must be considered
        !             7: ** to be attacks.  Accordingly, this version of phf logs the attack
        !             8: ** and then returns a page indicating that phf doesn't exist.
        !             9: **
        !            10: **
        !            11: ** Copyright © 1996 by Jef Poskanzer <jef@mail.acme.com>.
        !            12: ** All rights reserved.
        !            13: **
        !            14: ** Redistribution and use in source and binary forms, with or without
        !            15: ** modification, are permitted provided that the following conditions
        !            16: ** are met:
        !            17: ** 1. Redistributions of source code must retain the above copyright
        !            18: **    notice, this list of conditions and the following disclaimer.
        !            19: ** 2. Redistributions in binary form must reproduce the above copyright
        !            20: **    notice, this list of conditions and the following disclaimer in the
        !            21: **    documentation and/or other materials provided with the distribution.
        !            22: **
        !            23: ** THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
        !            24: ** ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
        !            25: ** IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
        !            26: ** ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
        !            27: ** FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
        !            28: ** DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
        !            29: ** OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
        !            30: ** HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
        !            31: ** LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
        !            32: ** OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
        !            33: ** SUCH DAMAGE.
        !            34: */
        !            35: 
        !            36: #include <stdio.h>
        !            37: #include <stdlib.h>
        !            38: #include <string.h>
        !            39: #include <syslog.h>
        !            40: 
        !            41: #include "config.h"
        !            42: 
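        static char* argv0;

        /* phf trap entry point.
        **
        ** Opens syslog under the program's basename, records one LOG_CRIT entry
        ** naming the client address taken from the REMOTE_ADDR environment
        ** variable, then writes a CGI response carrying a "404 Not Found" page
        ** to stdout and exits with status 0.
        **
        ** Returns: does not return normally; exit( 0 ) ends the process.
        */
        int
        main( int argc, char* argv[] )
            {
            const char* ident;
            const char* slash;
            const char* remote_addr;

            /* argv[0] may be absent when the program is exec'd with an empty
            ** argument vector; passing a null pointer to strrchr() is undefined,
            ** so fall back to a fixed name.
            */
            if ( argc > 0 && argv[0] != (char*) 0 )
                argv0 = argv[0];
            else
                argv0 = "phf";

            /* Use only the basename as the syslog ident. */
            slash = strrchr( argv0, '/' );
            if ( slash != (char*) 0 )
                ident = slash + 1;
            else
                ident = argv0;

            /* REMOTE_ADDR is presumably supplied by the web server for each CGI
            ** request - confirm against the server.  getenv() returns a null
            ** pointer when the variable is unset (for example when the binary
            ** is run by hand), and a null pointer must not reach a %s conversion.
            */
            remote_addr = getenv( "REMOTE_ADDR" );
            if ( remote_addr == (char*) 0 )
                remote_addr = "(unknown)";

            /* LOG_FACILITY is not defined in this file; presumably it comes from
            ** config.h.
            */
            openlog( ident, LOG_NDELAY|LOG_PID, LOG_FACILITY );

            /* The address is passed as an argument and never as the format
            ** string, so its contents cannot be interpreted as conversions.
            ** Every request produces one LOG_CRIT entry, so any rate limiting of
            ** alerts has to happen in the syslog or monitoring configuration.
            */
            syslog( LOG_CRIT, "phf CGI probe from %s", remote_addr );

            /* NOTE(review): "Status: 404/html" is not the "code SP reason-phrase"
            ** form used for CGI Status headers; the bytes are left unchanged
            ** here - confirm how the server parses this line before altering it.
            */
            (void) fputs(
                "Content-type: text/html\n"
                "Status: 404/html\n"
                "\n"
                "<HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD>\n"
                "<BODY><H2>404 Not Found</H2>\n"
                "The requested object does not exist on this server.\n"
                "The link you followed is either outdated, inaccurate,\n"
                "or the server has been instructed not to let you have it.\n"
                "</BODY></HTML>\n",
                stdout );
            exit( 0 );
            }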
