| #!@perlbin@ |
| # |
| # Licensed to the Apache Software Foundation (ASF) under one or more |
| # contributor license agreements. See the NOTICE file distributed with |
| # this work for additional information regarding copyright ownership. |
| # The ASF licenses this file to You under the Apache License, Version 2.0 |
| # (the "License"); you may not use this file except in compliance with |
| # the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| # |
| # |
| # This script is used to detect people trying to abuse the security hole which |
| # existed in A CGI script direstributed with Apache 1.0.3 and earlier versions. |
| # You can redirect them to here using the "<Location /cgi-bin/phf*>" suggestion |
| # in httpd.conf. |
| # |
| # The format logged to is |
| # "[date] remote_addr remote_host [date] referrer user_agent". |
| |
| $LOG = "/var/log/phf_log"; |
| |
| require "ctime.pl"; |
| $when = &ctime(time); |
| $when =~ s/\n//go; |
| $ENV{HTTP_USER_AGENT} .= " via $ENV{HTTP_VIA}" if($ENV{HTTP_VIA}); |
| |
| open(LOG, ">>$LOG") || die "boo hoo, phf_log $!"; |
| print LOG "[$when] $ENV{REMOTE_ADDR} $ENV{REMOTE_HOST} $ENV{$HTTP_REFERER} $ENV{HTTP_USER_AGENT}\n"; |
| close(LOG); |
| |
| print "Content-type: text/html\r\n\r\n<BLINK>Smile, you're on Candid Camera.</BLINK>\n"; |