Monthly Archives: August 2012

Passing values from html to a perl script

Posted on by
Reply

<<$Value= $FORM{‘Familia’};>>

For getting your value like this you should parse the form.

here i am writing an example showing how you can parse value from a form using POST Method.

#############
# Parse form

read(STDIN, $buffer, $ENV{‘CONTENT_LENGTH’});

#read the values from envourment variable .store in buffer.

@pairs = split(/&/, $buffer);

#split that buffer value

foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);

#separate name and values from the pair.

$value =~ tr/+/ /;
#remove all the + from value..
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack(“C”, hex($1))/eg;
$value =~ s/<!–(.|n)*–>//g;
$value =~ s/<([^>]|n)*>//g;
$FORM{$name} = $value;
#assain all the value to name..
}
##############

now you can get the value like this.

$Value= $FORM{‘Familia’}

##############——-############-###########–

If you you can use cgi.pm module you can get the input very easily.
see this example..

test.htm

<form method=”post” action=”test.cgi”>

<select name=”Familia”>

<select size=”1″ name=”Familia”>
<option selected value=”one”>one</option>
<option value=”two”>two</option>
<option value=”three”>three</option>
</select>

<input type=”submit” name=”submit” value=”submit”>
</form>
test.cgi

#!/usr/perl/bin

use CGI;
#use CGI.pm module

$q=new CGI;
$value=$q->param(‘Familia’);

#get the parameter from name field
# and store in $value variable.

print $q->header;
#print the header
print “<html>n”;
print “<head><title>Test</title></head>n”;
print “<body>n”;

print “<h1>Testing form input</h1>n”;
print “<b>Selected value is: “.$value.”</b>n”;

#just call the $value varable here.
print “</body>n”;
print “</htm>n”;

Reference: http://forums.devshed.com/perl-programming-6/passing-values-from-html-to-a-perl-script-7977.html

Execute CGI-Perl scripts as root

Posted on by
Reply

When Apache executes CGI-Perl scripts they are executed as the apache user. So if you want to have some system commands which can be only executed as root (e.g. iptables commands) in your CGI scripts they will not get executed.

One solution is to use setuid mode in Perl.

For this you will need the perl-suid package (in Debian) or the special Perl program called suidperl.

# aptitude install perl-suid

Then you need to tweak the Perl scripts a little to avaoid warnings. If you are using the suidperl program you should replace #!/usr/bin/perl with the suidperl program (i.e. #!/usr/bin/suidperl) and use -U tag to execute unsafe commands.

#!/usr/bin/perl -wU

system(“/sbin/iptables”, “-L”);

And finally, you need to set the suid bit and change permissions to allow the CGI script to be executed as root.

# chown root:root <script name>
# chmod ug+s <script name>
# chmod a+x <script name>

Reference: http://www.thewireframecommunity.com/node/23

Build up a PPTP server

Posted on by
Reply

1. apt-get install pptpd

2. set username pptpd password “*” into /etc/ppp/chap-secrets

3. set the following iptables rules

iptables -A INPUT -p gre -j ACCEPT
iptables -A INPUT -p tcp –dport 1723 -j ACCEPT
iptables -t nat -A POSTROUTING -s xxx.xxx.xxx.0/24 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward