650b8deadd86f9326c0d4a1bcbbb61cb907722aacoar#!@perlbin@
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd#
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding# Licensed to the Apache Software Foundation (ASF) under one or more
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding# contributor license agreements. See the NOTICE file distributed with
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding# this work for additional information regarding copyright ownership.
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding# The ASF licenses this file to You under the Apache License, Version 2.0
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding# (the "License"); you may not use this file except in compliance with
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding# the License. You may obtain a copy of the License at
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd#
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd# http://www.apache.org/licenses/LICENSE-2.0
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd#
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd# Unless required by applicable law or agreed to in writing, software
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd# distributed under the License is distributed on an "AS IS" BASIS,
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd# See the License for the specific language governing permissions and
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd# limitations under the License.
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd#
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd#
650b8deadd86f9326c0d4a1bcbbb61cb907722aacoar# This script is used to detect people trying to abuse the security hole which
650b8deadd86f9326c0d4a1bcbbb61cb907722aacoar# existed in A CGI script direstributed with Apache 1.0.3 and earlier versions.
650b8deadd86f9326c0d4a1bcbbb61cb907722aacoar# You can redirect them to here using the "<Location /cgi-bin/phf*>" suggestion
650b8deadd86f9326c0d4a1bcbbb61cb907722aacoar# in httpd.conf.
650b8deadd86f9326c0d4a1bcbbb61cb907722aacoar#
650b8deadd86f9326c0d4a1bcbbb61cb907722aacoar# The format logged to is
650b8deadd86f9326c0d4a1bcbbb61cb907722aacoar# "[date] remote_addr remote_host [date] referrer user_agent".
650b8deadd86f9326c0d4a1bcbbb61cb907722aacoar
650b8deadd86f9326c0d4a1bcbbb61cb907722aacoar$LOG = "/var/log/phf_log";
650b8deadd86f9326c0d4a1bcbbb61cb907722aacoar
650b8deadd86f9326c0d4a1bcbbb61cb907722aacoarrequire "ctime.pl";
650b8deadd86f9326c0d4a1bcbbb61cb907722aacoar$when = &ctime(time);
650b8deadd86f9326c0d4a1bcbbb61cb907722aacoar$when =~ s/\n//go;
650b8deadd86f9326c0d4a1bcbbb61cb907722aacoar$ENV{HTTP_USER_AGENT} .= " via $ENV{HTTP_VIA}" if($ENV{HTTP_VIA});
650b8deadd86f9326c0d4a1bcbbb61cb907722aacoar
650b8deadd86f9326c0d4a1bcbbb61cb907722aacoaropen(LOG, ">>$LOG") || die "boo hoo, phf_log $!";
650b8deadd86f9326c0d4a1bcbbb61cb907722aacoarprint LOG "[$when] $ENV{REMOTE_ADDR} $ENV{REMOTE_HOST} $ENV{$HTTP_REFERER} $ENV{HTTP_USER_AGENT}\n";
650b8deadd86f9326c0d4a1bcbbb61cb907722aacoarclose(LOG);
650b8deadd86f9326c0d4a1bcbbb61cb907722aacoar
650b8deadd86f9326c0d4a1bcbbb61cb907722aacoarprint "Content-type: text/html\r\n\r\n<BLINK>Smile, you're on Candid Camera.</BLINK>\n";