Posted by Justin Reynolds on January 21, 2009 at 10:17:15:
In Reply to: Re: Comet as a Service posted by Justin Reynolds on January 21, 2009 at 10:15:19:
cool. it looks like the forum tries to execute perl scripts. so i could write something, attach it to a post and do [whatever] on your server. yay for exploits.
might want to disable *.pl uploads? or just disable their usage in the server, if you have no need for them.
here's the script, anyway -
use Win32::OLE;
$lun = 1;
my $comet = Win32::OLE->new("CometLib.CometFiles") || die "foo!\n";
$comet->Initialize("WokkaWokka");
$comet->Open($lun,"WWI1P","FIL");
$comet->BeginFile($lun);
$comet->InquireNext($lun);
$x = $comet->GetRecField($lun, 0, 6);
print "record: '$x'\n";
$comet->Terminate;
Each file can be a maximum of 1MB in length Uploaded files will be purged from the server on a regular basis.