-
Notifications
You must be signed in to change notification settings - Fork 191
/
escalatePrivileges.pl
executable file
·105 lines (87 loc) · 3.63 KB
/
escalatePrivileges.pl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
#!/usr/bin/perl
use Cwd;
use DBI;
# Read the standard input (sent by the form):
read(STDIN, $FormData, $ENV{'CONTENT_LENGTH'});
# Get the name and value for each form input:
@pairs = split(/&/, $FormData);
# Then for each name/value pair....
foreach $pair (@pairs) {
# Separate the name and value:
($name, $value) = split(/=/, $pair);
# Convert + signs to spaces:
$value =~ tr/+/ /;
# Convert hex pairs (%HH) to ASCII characters:
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
# Store values in a hash called %FORM:
$FORM{$name} = $value;
}
$agent = $FORM{"agentsDD"};
$delivery = $FORM{"deliveryMethodRB"};
$modemNo = $FORM{"modemNoDD"};
##----- put your code here
$dir = getcwd;
$configfile = $dir . "/config";
open(CONFIG, "+<$configfile");
while (<CONFIG>)
{
chomp;
s/#.*//;
s/^\s+//;
s/\s+$//;
($var, $value) = split(/\s*=\s*/, $_, 2);
$Variables{$var} = ${value};
}
#print "Content-type: text/html\r\n\r\n";
$webserver = $Variables{"WEBSERVER"};
$Variables{"OS"} = $^O;
$sqlserver = $Variables{"MYSQLSERVER"};
$username = $Variables{"MYSQLUSER"};
$password = $Variables{"MYSQLPASS"};
$port = $Variables{"MYSQLPORT"};
$type = $Variables{"DATABASETYPE"};
if ($type eq "postgres")
{
$dbh = DBI->connect("DBI:Pg:dbname=framework;host=$sqlserver",$username,$password);
$selectquery = "SELECT path from agents where number=" . "\'" . $agent . "\'";
$selectquery2 = "SELECT controlkey from agents where number=" . "\'" . $agent . "\'";
$selectquery3 = "SELECT id from modems where number=" . "\'" . $modemNo . "\'";
}
elsif ($type eq "mysql")
{
$dbh = DBI->connect("dbi:mysql:database=framework;host=$sqlserver;port=$port", $username,$password);
$selectquery = "SELECT path from agents where number=" . $agent;
$selectquery2 = "SELECT controlkey from agents where number=" . $agent;
$selectquery3 = "SELECT id from modems where number=" . $modemNo;
}
$sql = $dbh->prepare($selectquery);
$results = $sql->execute;
@rows = $sql->fetchrow_array();
$path = @rows[0];
$sql = $dbh->prepare($selectquery2);
$results = $sql->execute;
@rows = $sql->fetchrow_array();
$key = @rows[0];
if ($delivery eq "HTTP")
{
$command = $key . " ROOT HTTP\n";
$control = $webserver . $path . "/putfunc";
open(CONTROLFILE, ">>$control");
print CONTROLFILE $command;
close(CONTROLFILE);
}
if ($delivery eq "SMS")
{
$sql = $dbh->prepare($selectquery3);
$results = $sql->execute;
@rows = $sql->fetchrow_array();
$modem = @rows[0];
$command = $key . " " . "ROOT HTTP" . " " . $modem . "\n";
$control = $webserver . $path . "/putfunc";
open(CONTROLFILE, ">>$control");
print CONTROLFILE $command;
close(CONTROLFILE);
}
##----- end of your code
my $url = "menu.pl";
print "Location: $url\n\n";