HC's Capture the Flag website
CTF Contests
25C3-CTF
25C3-CTF final results
Advisory #121
From team WiiPhonies
New advisory by : John_K
Affected service(s): CGIBAS
Severity [lmh] : high
===== Problem =====
cgibas.pl has a back door in function internal_foo
===== Impact =====
Execute system commands as www-data from basic scripts.
===== Fix =====
remove internal_foo function from /usr/bin/cgibas.pl
Rating
[0] too late