Shell Simulation Via CGI
mischi writes "CGI-Shell simulates a shell using CGI. So everybody who has a CGI-directory on a web-server also has their own shell on it -- comparable with Telnet or SSH.
That's really practical, because most webhosters don't offer a shell (for free) -- but do offer CGI.
With CGI-Shell you can execute commands, copy files or just explore your webserver. Even a history and auto-completion with tabulator are included."
This 'cgi shell' trick is not new. If you have cgi access, then you pretty much have system access. I don't even see the point of providers restricting shell access. Between that and cgi, there's no difference in power, only in convenience.
I once had the opposite problem. About 10 years ago, my ISP gave shell accounts and a web folder, but did not offer cgi. Again, why bother? I got around it rather easily by running my own http server on a non-standard port from my shell account. Then if I wanted to link to a cgi from my web page, I just had to include the ":port" in the URL.
Isn't something like this obvious?
Such "shell" CGIs have been around for a while.
I don't see why this ad...I mean...story deserves to be posted.
--
Violators will be prosecuted and prosecutors will be violated.
If the users currently have the ability to FTP CGI scripts to the server and run them, then how is this any less secure?
My first response was 'you what?'
Over the next few years we saw countless exploits of the form 'add this to the command line arguments, execute an arbitrary command'.
This is one reason why I so hate 'it's only like what we do before' type security arguments. What you are already doing may be braindamaged.
People like to complain about IIS security but they fail to acknowledge that the single architectural issue that has led to those exploits is structurally similar to CGI. The game is to persuade a script to execute an arbitrary command.
Apache has had fewer exploits simply because the bugs are attributed to the braindamaged scripts written by the users.
If you want to run a secure Web server the thing to do is to turn off all scripting. Compiling the scripts and linking them into the server as a plug-in is a lot more satisfactory as an architectural approach, especially if you have ways to reduce the privileges of that module to least priv.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
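The bug class the comment above describes ("add this to the command line arguments, execute an arbitrary command"), shown as an added example that is not part of the original thread: a CGI-style handler that pastes a query parameter into a shell command line, beside a hardened form. The `host` parameter, both handler names and the harmless `echo` command are assumptions made for illustration, and the code assumes a POSIX host.

```python
# Added example (not from the thread). Assumes a POSIX host with /bin/sh and
# an `echo` binary; the "host" parameter and both handlers are hypothetical
# stand-ins for a CGI script that wraps a system command.
import re
import subprocess
from urllib.parse import parse_qs

# Allowlist: letters, digits, dots and hyphens only; must start and end alnum.
HOSTNAME = re.compile(r"[A-Za-z0-9]([A-Za-z0-9.-]{0,251}[A-Za-z0-9])?")

# Constructed sample QUERY_STRING values, not taken from any real request.
BENIGN = "host=example.org"
CRAFTED = "host=example.org%3B%20echo%20INJECTED"


def param(query_string, name):
    """Return the first value of a query parameter, or '' if absent."""
    return parse_qs(query_string).get(name, [""])[0]


def handler_before(query_string):
    """'Before' form: the parameter is pasted into a shell command line."""
    host = param(query_string, "host")
    done = subprocess.run("echo lookup " + host, shell=True,
                          capture_output=True, text=True)
    return done.stdout.splitlines()


def handler_after(query_string):
    """Hardened form: allowlist the value, then exec an argv list, no shell."""
    host = param(query_string, "host")
    if not HOSTNAME.fullmatch(host):
        return ["400 bad host parameter"]
    done = subprocess.run(["echo", "lookup", host],
                          capture_output=True, text=True)
    return done.stdout.splitlines()


if __name__ == "__main__":
    for label, qs in (("benign", BENIGN), ("crafted", CRAFTED)):
        print(label, "before:", handler_before(qs))
        print(label, "after: ", handler_after(qs))
```

In the 'before' handler the shell treats the decoded `;` as a command separator, so the request chooses a second command; the hardened handler rejects the value and never hands request data to a shell.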