OKay what is this? [Archive] - Adult Webmaster Info BBS

justsexxx

04-06-2002, 03:24 PM

Hi, Got this in my hotmail from an asianaddress or so <blockquote>code:<hr /><pre style="font-size:x-small; font-family: fixed;">#!/usr/local/bin/perl $ttsgpath="/local/wwwcust/karupspc/lcgi-bin/ttsgremoteccbill.pl"; $ttsgserver2 = "bserver.karupspc.com"; chop($date = &ctime(time)); if ($ARGV[0] eq ''){ &Get_Post; $passstring=$date."!".join("|",@data); # `$ttsgpath -h $ttsgserver2 -p \"$passstring\"`; print "Content-type: text/html\n\n"; } ### The Directory secure is designed to be chmod 700 ### To keep people out since there is stuff in there ### Which hackers should never see. $pwd = '/local/wwwcust/karupspc/ccbill'; $securedir = 'secure'; ### Disk Full Hack if($ARGV[0] eq ''){ open(FULL,">$pwd/$securedir/disk.$$"); print FULL time(); close FULL; open(FULL,"$pwd/$securedir/disk.$$"); $test = <FULL>; close FULL; unlink("$pwd/$securedir/disk.$$"); if (time()-$test >30){ print "DSK-000"; exit; } } $dmr = 1; $second = 0; $dbm = 1; $second_file = "$pwd/secure/second.txt"; ##&Setup; $_ = $ENV{'SERVER_SOFTWARE'}; $nt = 1; if (!/microsoft/i){ $nt = 0; $prog_name = 'ccbill-local.cgi'; } else { $nt_user = $pwd.'/'.$securedir.'/nt_user'; open(NT,$nt_user); $nt_user = ; $nt_user =~ s/\n//g; $nt_user = ', '.$nt_user; $prog_name = 'ccbill-local.pl'; } ## Set standard values for locking &lock_values; ## Password file with all the members in it. $password_file = "/local/wwwcust/karupspc/dmr/htpasswd"; ## Referer file $ref_file = "/var/www/virtual/mesohorny/partners/referer.log"; ## Log file of everything that happens $log_file = "$pwd/$securedir/ccbill.log"; ## List of current users who are active in the system $current_file = "$pwd/$securedir/current.log"; ## Users get move here after they are expired. Reference File $expired_file = "$pwd/$securedir/expired.log"; ## Trigger File used for scheduling cleanups $purge_file = "$pwd/$securedir/purge"; ## Keyfile contains their assigned system password encrypted ## This must match the one on the mysql server $key_file = "$pwd/$securedir/private_key"; ## History of additions and deletes $history_file = ">>$pwd/$securedir/history.dat"; ## Commissions File $commission = ">>$pwd/$securedir/commission.dat"; $ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin'; if ($cmd eq 'Y2K'){ &SQL_Date; } @post_values = split(/:/,$post_values); if ($cmd eq 'CLEANUP'){ &Cleanup; print "CLN-111"; if ($dmr & !$nt){ system("chmod 666 $password_file"); } exit; } if ($cmd ne '' ){ &Verify_Key; } if ($cmd eq 'ADD'){ &Add_User; &Check_Time; print "ADD-111"; exit; } if ($cmd eq 'KILL'){ &Kill_User; &Check_Time; print "KILL-111"; exit; } if ($cmd eq 'PASS'){ &Check_Password; print "PASS-111"; exit; } open(KEY,$key_file); $key = join('',<KEY>); close KEY; if ($key ne ''){ ## System probably working print "111-111"; exit; } else { ## System running but not suid or keyfile gone print "101-101"; exit; } exit; sub lock_values { $LOCK_EX = 2; $LOCK_UN = 8; } sub lock { local($file) = @_; flock($file,$LOCK_EX); # and, in case someone appended # while we were waiting... seek($file, 0, 2); } sub unlock { local($file) = @_; flock($file,$LOCK_UN); } sub Verify_Key { if (!open(KEYFILE,$key_file)){ print "123-000"; exit; } $private_key = <KEYFILE>; $newkey = $private_key; close KEYFILE; $line = $cmd.':'.$verbose.':'.$post_values; @array = split(/:/,$line); foreach $n (@array){ $newkey = crypt($n,reverse($newkey)); } if ($key ne $newkey){ print "999-000"; exit; } } sub Add_User { ### For an adduser command the post values will be of the form ### username:password. This means that $post_values[0] is the ### username and $post_values[1] is the password. ### No you can't add more than one user at a time. ### open password file and append if($dbm){ dbmopen(%password,"$password_file",0666); } else { if(!open(FILE,">>$password_file")){ print "ADD-000 $!"; exit; } } if(!$dbm){ print FILE $post_values[0].':'.$post_values[1],"$nt_user\n"; close FILE; } else { ### ADD TO DBM FILE HERE $password{$post_values[0]} = $post_values[1]; dbmclose(%password) } ### update the log file with whatever is in verbose ### but put a header in there for reference if(!open(FILE,">>$log_file")){ print "ADD-000"; exit; } &lock('FILE'); print FILE "ADD-$post_values[0]:$post_values[1]|$verbose\n"; &unlock('FILE'); close FILE; ### update the current file with whatever is in verbose if (!open(FILE,">>$current_file")){ print "ADD-000"; exit; } $_ = $verbose; if (!/:Recurring$/i){ &lock('FILE'); print FILE "$verbose\n"; &unlock('FILE'); } close FILE; ($username, $new_subscription_id, $start_date, $end_date, $subscription, $referer, $amount ) = split(/:/,$verbose); if ($referer ne ''){ open(REFERER,">>$ref_file"); print REFERER "$referer|$amount|$new_subscription_id|$post_value s[0]|$date\n"; close REFERER; } } sub Kill_User { ### For an killuser command the post values will be of the form ### username:username:username This means that $post_values[0]...[x] ### are the usernames ### Multiple Users can be batched for efficiency. if(!$dbm){ ### Make a list of who to kill in an associative array @kill = split(/:/,$post_values); foreach $n (@kill){ if ($n ne ''){ $kill{$n} = 1; } } ### Open Log File if(!open(LOG,">>$log_file")){ print "KILL-002"; exit; } ### open password file if(!open(FILE,"$password_file")){ print "KILL-000"; exit; } $tempfile = $password_file."$$"; ### open temp file to write to if(!open(TEMP,">$tempfile")){ print "KILL-001"; exit; } while(<FILE>){ ($musr, $mpwd) = split(/:/,$_); if (!$kill{$musr}){ print TEMP $_; } else { &lock('LOG'); print LOG "KILL-$musr\n"; &unlock('LOG'); } } close FILE; close TEMP; close LOG; rename($password_file,"$password_file-bak"); rename($tempfile,$password_file); if ($dmr & !$nt){ system("chmod 666 $password_file"); } } else { ### They're using a DBM file ### Open Log File if(!open(LOG,">>$log_file")){ print "KILL-002"; exit; } ### open password file if(!dbmopen(%password,$password_file,0666)){ print "KILL-000"; exit; } @kill = split(/:/,$post_values); foreach $n (@kill){ if ($n ne ''){ delete($password{"$n"}); } } dbmclose(%password); close LOG; } } sub Cleanup { ### Loop through the current.log file and remove anyone ### who is expired. $today = &SQL_Date(time()); open(CURRENT,"$current_file"); while(<CURRENT>){ ($username, $sub_id, $start_date, $end_date, $length) = split(/:/,$_); $userdata{$username} = $_; $expires{$username} = $end_date; } close CURRENT; if(!$dbm){ foreach $n (keys %userdata){ if ($expires{$n} < $today){ $kill{$n} = 'YES'; # User has expired. Wipe the userdata clean. $userdata{$n} = ''; } } $tempfile = $current_file."$$"; open(TEMP,">$tempfile"); &lock('TEMP'); print TEMP values(%userdata); &unlock('TEMP'); close TEMP; rename($current_file,"$current_file-bak")

justsexxx

04-06-2002, 03:26 PM

Lol check my status. Unregistred :-) Maybe because it's a long msg? Andre

porntowers.com

04-06-2002, 03:32 PM

Looks like a subscription Perl script since it calls to .htpasswd. Why would anyone send a perl script unsolicited? Odd.. Maybe their email list program opened the wrong file to place in their MTA, looks like careless programming.

SexySites

04-06-2002, 07:40 PM

yup looks like perl has messed up alright <img border="0" title="" alt="[Wink]" src="wink.gif" /> laters, Chris