diff options
author | epochqwert <epoch@53flpnlls43fcguy.onion> | 2015-02-06 02:32:04 -0600 |
---|---|---|
committer | epochqwert <epoch@53flpnlls43fcguy.onion> | 2015-02-06 02:32:04 -0600 |
commit | 3c2d290d17b739f14774dfcdf48581c1fb212286 (patch) | |
tree | 4b3bcf021e9994c21030aad99f84831ad31dbe02 /src/libexec | |
parent | abe09a4717370f331b050ad39da3a7e9a478f02d (diff) | |
download | misc-3c2d290d17b739f14774dfcdf48581c1fb212286.tar.gz misc-3c2d290d17b739f14774dfcdf48581c1fb212286.zip |
some new tools. clump is useful. httpd got some better logging. cuturl got some bugfixes I think. todo is just a version of segfault's !todo but for shell. don't remember what I did to telnet-gateway.sh
Diffstat (limited to 'src/libexec')
-rw-r--r-- | src/libexec/httpd.c | 47 |
1 files changed, 45 insertions, 2 deletions
diff --git a/src/libexec/httpd.c b/src/libexec/httpd.c index 8ba9413..f22e139 100644 --- a/src/libexec/httpd.c +++ b/src/libexec/httpd.c @@ -15,6 +15,37 @@ #define CGI "cgi-bin" #define SERVER "epochttpd/2.0 (Unix)" +// WARNING: this http software is vulnerable. I'm leaving it that way. + +/* just notes for environment variables for CGIs when I need them. + +Key Value +DOCUMENT_ROOT The root directory of your server +HTTP_COOKIE The visitor's cookie, if one is set +HTTP_HOST The hostname of the page being attempted +HTTP_REFERER The URL of the page that called your program +HTTP_USER_AGENT The browser type of the visitor +HTTPS "on" if the program is being called through a secure server +PATH The system path your server is running under +QUERY_STRING The query string (see GET, below) +REMOTE_ADDR The IP address of the visitor +REMOTE_HOST The hostname of the visitor (if your server has + reverse-name-lookups on; otherwise this is the IP address again) +REMOTE_PORT The port the visitor is connected to on the web server +REMOTE_USER The visitor's username (for .htaccess-protected pages) +REQUEST_METHOD GET or POST +REQUEST_URI The interpreted pathname of the requested document or CGI + (relative to the document root) +SCRIPT_FILENAME The full pathname of the current CGI +SCRIPT_NAME The interpreted pathname of the current CGI (relative to + the document root) +SERVER_ADMIN The email address for your server's webmaster +SERVER_NAME Your server's fully qualified domain name (e.g. + www.cgi101.com) +SERVER_PORT The port number your server is listening on +SERVER_SOFTWARE The server software you're using (e.g. Apache 1.3) +*/ + void standard_headers() { printf("Server: %s\r\n",SERVER); printf("Connection: close\r\n"); @@ -33,7 +64,9 @@ int main(int argc,char *argv[]) { struct sockaddr_in6 sa6; unsigned int sl=sizeof(sa6); char h[NI_MAXHOST]; - if(getpeername(0,(struct sockaddr *)&sa6,&sl) == -1) syslog(LOG_WARNING,"getpeername: %m"); + openlog("httpd",LOG_PID,LOG_DAEMON); + if(getpeername(0,(struct sockaddr *)&sa6,&sl) == -1) + syslog(LOG_WARNING,"getpeername: %m"); getnameinfo((struct sockaddr *)&sa6,sl,h,sizeof(h),0,0,NI_NUMERICHOST); setenv("REMOTE_ADDR",h,1); if(!strchr(line,'\n')) { @@ -41,10 +74,10 @@ int main(int argc,char *argv[]) { standard_headers(); printf("Content-type: text/plain\r\n\r\n"); printf("use smaller (<%d bytes) headers.\n",getpagesize()); + syslog(LOG_WARNING,"413 Entity Too Large %s len: %d\n",h,strlen(line)); return 0; } if(strchr(line,'\r')) *strchr(line,'\r')=0; - syslog(LOG_WARNING,"%s %s\n",h,line); method=strdup(line); if((page=strchr(method,' '))) { *page=0; @@ -67,24 +100,32 @@ int main(int argc,char *argv[]) { standard_headers(); printf("Content-type: text/plain\r\n\r\n"); printf("use smaller (<%d bytes) headers.\n",getpagesize()); + syslog(LOG_WARNING,"413 somewhere in request line 2+: %s %d\n",h,strlen(line)); return 0; } if(strchr(line,'\r')) *strchr(line,'\r')=0; if(!strncasecmp(line,"Host: ",6)) { setenv("HTTP_HOST",line+6,1); } + if(!strncasecmp(line,"User-agent: ",12)) { + setenv("HTTP_USER_AGENT",line+12,1); + } if(!strcmp(line,"")) { break; } } alarm(0);//no more timeout. + // + syslog(LOG_WARNING,"%s: %s %s %s\n",h,getenv("HTTP_USER_AGENT"),page,get_param); //TODO: sanitize this. if(chdir(VHOST_ROOT) == -1) { printf("HTTP/1.1 500 Internal Server Error\r\n"); standard_headers(); printf("Content-type: text/html\r\n\r\ncouldn't chdir(\"%s\");",VHOST_ROOT); + syslog(LOG_WARNING,"can't chdir to VHOST_ROOT: %s",VHOST_ROOT); exit(3); } + //I had fun exploiting this. :) if(chdir((char*)getenv("HTTP_HOST")) == -1) { if(chdir(SITES_ROOT) != -1) { if(chdir("default") == -1) { @@ -92,6 +133,7 @@ int main(int argc,char *argv[]) { printf("HTTP/1.1 500 Internal Server Error\r\n"); standard_headers(); printf("Content-type: text/html\r\n\r\nfuck"); + syslog(LOG_WARNING,"can't chdir to default site dir."); exit(1); } //we're good. @@ -100,6 +142,7 @@ int main(int argc,char *argv[]) { standard_headers(); printf("Content-type: text/html\r\n\r\ncouldn't chdir(\"%s\");",SITES_ROOT); //wtf? no sites dir??? + syslog(LOG_WARNING,"can't chdir to SITES_ROOT: %s",SITES_ROOT); exit(2); } } |