1#!@perlbin@ 2# 3# Licensed to the Apache Software Foundation (ASF) under one or more 4# contributor license agreements. See the NOTICE file distributed with 5# this work for additional information regarding copyright ownership. 6# The ASF licenses this file to You under the Apache License, Version 2.0 7# (the "License"); you may not use this file except in compliance with 8# the License. You may obtain a copy of the License at 9# 10# http://www.apache.org/licenses/LICENSE-2.0 11# 12# Unless required by applicable law or agreed to in writing, software 13# distributed under the License is distributed on an "AS IS" BASIS, 14# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15# See the License for the specific language governing permissions and 16# limitations under the License. 17# 18# 19# This script is used to detect people trying to abuse the security hole which 20# existed in A CGI script direstributed with Apache 1.0.3 and earlier versions. 21# You can redirect them to here using the "<Location /cgi-bin/phf*>" suggestion 22# in httpd.conf. 23# 24# The format logged to is 25# "[date] remote_addr remote_host [date] referrer user_agent". 26 27$LOG = "/var/log/phf_log"; 28 29require "ctime.pl"; 30$when = &ctime(time); 31$when =~ s/\n//go; 32$ENV{HTTP_USER_AGENT} .= " via $ENV{HTTP_VIA}" if($ENV{HTTP_VIA}); 33 34open(LOG, ">>$LOG") || die "boo hoo, phf_log $!"; 35print LOG "[$when] $ENV{REMOTE_ADDR} $ENV{REMOTE_HOST} $ENV{$HTTP_REFERER} $ENV{HTTP_USER_AGENT}\n"; 36close(LOG); 37 38print "Content-type: text/html\r\n\r\n<BLINK>Smile, you're on Candid Camera.</BLINK>\n"; 39