Skip navigation.
Home

perl open pipe cgi exploit

This is the perl cgi open pipe metasploit module exploit.
If you have a perl cgi that does something like

$something_user_inputed;
open(IN,"$something_user_inputed");

someone can make $something_user_inputed = "|/bin/id";

or any other number of evil things.

V.