Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

How to find rogue scripts that can be hijakced for spamming

1 view
Skip to first unread message

The Doctor

unread,
Nov 7, 2008, 12:36:36 PM11/7/08
to
Literally find.

I need to find all scripts that have #!/usr/bin/perl

in them and examine if they can be hijacked by spammers.

How can I do that?
--
Member - Liberal International
This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Beware Anti-Christ rising!
Lest we forget 11/11/2009.

Marc Espie

unread,
Nov 7, 2008, 12:57:38 PM11/7/08
to
In article <gf1ub4$s2n$3...@gallifrey.nk.ca>,

The Doctor <doc...@doctor.nl2k.ab.ca> wrote:
>Literally find.
>
>I need to find all scripts that have #!/usr/bin/perl
>
>in them and examine if they can be hijacked by spammers.
>
>How can I do that?

That's somewhat of a stupid question.

Why would those scripts be more likely to be hijacked by spammers
than any other thing on your system ?

Apart from that, constructive use of find, xargs, file and grep ought to
give you your answer. Something a bit like
find / -type f -print |xargs file|fgrep -i perl

BobH

unread,
Nov 7, 2008, 4:39:42 PM11/7/08
to
The Doctor wrote:
> Literally find.
>
> I need to find all scripts that have #!/usr/bin/perl
>
> in them and examine if they can be hijacked by spammers.
>
> How can I do that?

grep -R

The Doctor

unread,
Nov 7, 2008, 6:05:43 PM11/7/08
to
In article <f971$4914b59d$8c631746$83...@news.deru.net>,

You mean find / -type f -print | grep -R

Andrew Reilly

unread,
Nov 7, 2008, 6:54:11 PM11/7/08
to
On Fri, 07 Nov 2008 23:05:43 +0000, The Doctor wrote:

> In article <f971$4914b59d$8c631746$83...@news.deru.net>, BobH
> <WanderingMetal...@yahoo.com> wrote:
>>The Doctor wrote:
>>> Literally find.
>>>
>>> I need to find all scripts that have #!/usr/bin/perl
>>>
>>> in them and examine if they can be hijacked by spammers.
>>>
>>> How can I do that?
>>
>>grep -R
>
> You mean find / -type f -print | grep -R

Well, that (or a variation) will find all of the perl scripts (except for
the ones with a newline in their name: use -print0 and xargs -0 as a
general rule when doing large finds). That'll be a close first-order
approximation to hackability if you subscribe to the theory that says
that all programs contain bugs. What are you really looking for,
though? Spammers send e-mail, which doesn't usually result in the
invocation of perl scripts. I guess that it could sometimes, if someone
has cooked up a perl-based mail filter for themselves or is running a
perl-based webmail system. I'd start by looking for bugs in those sorts
of things, myself. With my eyes. I don't think that I could write a
program to find bugs, at least not the sort that might allow a spammer to
exploit.

Cheers,

--
Andrew

0 new messages