Annotation of embedaddon/thttpd/cgi-src/phf.c, revision 1.1.1.1

1.1       misho       1: /* phf - cracker trap
                      2: **
                      3: ** Old distributions of the NCSA and Apache web servers included a
                      4: ** version of the phf program that had a bug.  The program could
                      5: ** easily be made to run arbitrary shell commands.  There is no real
                      6: ** legitimate use for phf, so any attempts to run it must be considered
                      7: ** to be attacks.  Accordingly, this version of phf logs the attack
                      8: ** and then returns a page indicating that phf doesn't exist.
                      9: **
                     10: **
                     11: ** Copyright © 1996 by Jef Poskanzer <jef@mail.acme.com>.
                     12: ** All rights reserved.
                     13: **
                     14: ** Redistribution and use in source and binary forms, with or without
                     15: ** modification, are permitted provided that the following conditions
                     16: ** are met:
                     17: ** 1. Redistributions of source code must retain the above copyright
                     18: **    notice, this list of conditions and the following disclaimer.
                     19: ** 2. Redistributions in binary form must reproduce the above copyright
                     20: **    notice, this list of conditions and the following disclaimer in the
                     21: **    documentation and/or other materials provided with the distribution.
                     22: **
                     23: ** THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
                     24: ** ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
                     25: ** IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
                     26: ** ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
                     27: ** FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
                     28: ** DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
                     29: ** OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
                     30: ** HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
                     31: ** LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
                     32: ** OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
                     33: ** SUCH DAMAGE.
                     34: */
                     35: 
                     36: #include <stdio.h>
                     37: #include <stdlib.h>
                     38: #include <string.h>
                     39: #include <syslog.h>
                     40: 
                     41: #include "config.h"
                     42: 
                     43: static char* argv0;  /* program name as invoked; main() sets it from argv[0] */
                     44: 
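                     /* Entry point of the phf decoy CGI.
                     **
                     ** Logs one LOG_CRIT syslog record naming the client address taken from
                     ** the REMOTE_ADDR environment variable, then writes a fixed "404 Not
                     ** Found" CGI response to stdout and exits with status 0.  No request
                     ** input (query string, request body) is read or interpreted, so the
                     ** trap itself never handles request-supplied data.
                     */
                     int
                     main( int argc, char* argv[] )
                         {
                         static char default_name[] = "phf";
                         const char* remote_addr;
                         char* cp;

                         /* argv[0] is allowed to be missing (argc == 0); the original passed
                         ** it straight to strrchr(), which is undefined for a null pointer.
                         */
                         if ( argc > 0 && argv[0] != (char*) 0 )
                             argv0 = argv[0];
                         else
                             argv0 = default_name;

                         /* Use the basename of the program as the syslog ident. */
                         cp = strrchr( argv0, '/' );
                         if ( cp != (char*) 0 )
                             ++cp;
                         else
                             cp = argv0;

                         /* getenv() returns a null pointer when the variable is unset, for
                         ** example when the program is run outside a CGI environment; handing
                         ** that to a %s conversion is undefined behavior, so log a placeholder
                         ** and keep the record.
                         */
                         remote_addr = getenv( "REMOTE_ADDR" );
                         if ( remote_addr == (char*) 0 )
                             remote_addr = "(unknown)";

                         openlog( cp, LOG_NDELAY|LOG_PID, LOG_FACILITY );
                         /* The address is passed as an argument, never as the format string. */
                         syslog( LOG_CRIT, "phf CGI probe from %s", remote_addr );

                         /* NOTE(review): the CGI Status field is normally "<code> <reason>";
                         ** "404/html" is kept byte-for-byte from the original - confirm the
                         ** hosting server parses it as 404.
                         */
                         (void) fputs(
                             "Content-type: text/html\n"
                             "Status: 404/html\n"
                             "\n"
                             "<HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD>\n"
                             "<BODY><H2>404 Not Found</H2>\n"
                             "The requested object does not exist on this server.\n"
                             "The link you followed is either outdated, inaccurate,\n"
                             "or the server has been instructed not to let you have it.\n"
                             "</BODY></HTML>\n",
                             stdout );
                         exit( 0 );
                         }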
