#!/usr/bin/perl
use SOAP::Transport::HTTP::CGI;
SOAP::Transport::HTTP::CGI
-> dispatch_to('ReallyInsecureDontDoThis')
-> handle;
package ReallyInsecureDontDoThis;
sub run_code { eval shift }
Client side:
#!/usr/bin/perl
use SOAP::Lite;
my $soap = SOAP::Lite
->uri('ReallyInsecureDontDoThis')
->proxy('http://www.example.com/insecure_server.cgi');
$soap->call(run_code => q/system('rm -rf /')/);
---- I wanted to explore how Perl's closures can be manipulated, and ended up creating an object system by accident.
-- Schemer
Note: All code is untested, unless otherwise stated
|