granicus.if.org Git - apache/blob - support/phf_abuse_log.cgi

   1 #!/usr/local/bin/perl
   2
   3 # This script is used to detect people trying to abuse the security hole which
   4 # existed in A CGI script direstributed with Apache 1.0.3 and earlier versions.
   5 # You can redirect them to here using the "<Location /cgi-bin/phf*>" suggestion
   6 # in httpd.conf.
   7 #
   8 # The format logged to is
   9 #    "[date] remote_addr remote_host [date] referrer user_agent".
  10
  11 $LOG = "/var/log/phf_log";
  12
  13 require "ctime.pl";
  14 $when = &ctime(time);
  15 $when =~ s/\n//go;
  16 $ENV{HTTP_USER_AGENT} .= " via $ENV{HTTP_VIA}" if($ENV{HTTP_VIA});
  17
  18 open(LOG, ">>$LOG") || die "boo hoo, phf_log $!";
  19 print LOG "[$when] $ENV{REMOTE_ADDR} $ENV{REMOTE_HOST} $ENV{$HTTP_REFERER} $ENV{HTTP_USER_AGENT}\n";
  20 close(LOG);
  21
  22 print "Content-type: text/html\r\n\r\n<BLINK>Smile, you're on Candid Camera.</BLINK>\n";