Exploit af Server Side Include

• I html filer:

  • <!--#include file="foo"-->
  • <!--#exec cmd="./calprog.cgi" -->

• Find en variabel, der udskrives umodificeret

  • print "you are trying to post an AD from another URL:<b> $ENV{'HTTP_REFERER'}\n";

• Giv HTTP_REFERER noget SSI-kode