Fórum Root.cz
Hlavní témata => Vývoj => Téma založeno: tuxmartin 13. 02. 2016, 00:12:21
-
Ahoj,
potrebuji napsat jednoduchou CGI webovou stranku na routeru s OpenWrt.
Jsem si plne vedom nebezpecnosti pouziti shellu jako interpretu prikazu zadanych pres prohlizec, ale PHP se mi do 4MB flash spolu se systemem proste nevejde a cgi skript nebude dostupny z internetu.
Mam otestovane tyto dva skripty na Ubuntu s Apachem:
/usr/lib/cgi-bin/input :
#!/bin/bash
echo "Content-type: text/html"
echo ""
echo "<html><head><title>TEST</title>"
cat << EOF
<body>
<form action="output" method="GET">
MAC <input name="MAC" placeholder="0A:1B:2C:3D:4E:5F">
<input type="submit" name="odeslat" value="Odeslat" style="font-size: 150%">
<form>
EOF
echo "</body></html>"
/usr/lib/cgi-bin/output :
#!/bin/bash
# FORM GET:
saveIFS=$IFS
IFS='=&'
param=($QUERY_STRING)
IFS=$saveIFS
echo "Content-type: text/html"
echo ""
echo "<html><head><title>TEST</title></head>"
echo "<body>"
echo "<h1>abc<h1>"
if [ "${param[0]}" = "MAC" ]
then
echo "OK"
echo ${param[1]} >> /tmp/cgi-bin
else
echo "SPATNY VSTUP"
fi
echo "</body></html>"
S bashem to funguje krasne. Ale pokud pouziju (testuju na ubuntu) busybox sh, nebo dash - skript nefunguje.
Problem je s IFS.
Muzete mi nekdo poradit, jak snadno pomoci busybox shellu naparsovat query string ve tvaru
http://localhost/cgi-bin/send?MAC=0A%3A1B%3A2C%3A3D%3A4E%3A5F&odeslat=Odeslat
Dekodovani URL neni problem:
$ alias urldecode='sed "s@+@ @g;s@%@\\\\x@g" | xargs -0 printf "%b"'
$ echo "http://localhost/cgi-bin/send?MAC=0A%3A1B%3A2C%3A3D%3A4E%3A5F&odeslat=Odeslat" | urldecode
http://localhost/cgi-bin/send?MAC=0A:1B:2C:3D:4E:5F&odeslat=Odeslat
-
Hele a co presne Ti nefunguje? Ted jsem to zkousel a IFS mi prijde funkcni:
root@00E0C545D117:~# cat /etc/openwrt_release
DISTRIB_ID='OpenWrt'
DISTRIB_RELEASE='Chaos Calmer'
DISTRIB_REVISION='r47390'
DISTRIB_CODENAME='chaos_calmer'
DISTRIB_TARGET='x86/generic'
DISTRIB_DESCRIPTION='OpenWrt Chaos Calmer 15.05'
DISTRIB_TAINTS='no-all busybox'
root@00E0C545D117:~# cat test.txt
ahoj&pepo=karle
root@00E0C545D117:~# export IFS='=&'
root@00E0C545D117:~# for param in `cat test.txt` ; do echo $param ;done
ahoj
pepo
karle
-
Hele a co presne Ti nefunguje? Ted jsem to zkousel a IFS mi prijde funkcni:
Pokud v output skriptu zmenim bash za sh:
#!/bin/sh
# FORM GET:
saveIFS=$IFS
IFS='=&'
param=($QUERY_STRING)
IFS=$saveIFS
Apache mi vrati HTTP 500:
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator at webmaster@localhost to inform them of the time this error occurred, and the actions you performed just before this error.
More information about this error may be available in the server error log.
-
Problem vyresen:
#!/bin/sh
# FORM GET:
saveIFS=$IFS
IFS='=&'
param=$QUERY_STRING
IFS=$saveIFS
echo "Content-type: text/html"
echo ""
echo "<html><head><title>TEST</title></head>"
echo "<body>"
echo "<h1>abc<h1>"
if [ "${param[0]}" = "MAC" ]
then
echo "OK"
echo ${param[1]} >> /tmp/cgi-bin
else
echo "SPATNY VSTUP"
fi
echo "</body></html>"
Busybox nesmi mit promennou v zavorkach "param=$QUERY_STRING".
-
Spletl jsem se - problem neni vyresen.
Kdyz misto bashe pouziju SH, tak zadne promenne "${param[x]}" vubec neexistuji. Jak se to da vyresit?
-
Kdyz misto bashe pouziju SH, tak zadne promenne "${param[x]}" vubec neexistuji. Jak se to da vyresit?
Vyřešit se to dá použitím nesračkoidního shellu.
-
Vyřešit se to dá použitím nesračkoidního shellu.
Mam jenom 4MB flash, do ktery musim narvat cely system. Pokud by bylo misto, dal bych tam PHP a neresil blbosti.
Co je na POSIX shellu bez rozsireni tak spatneho?
-
Tyvoe to je zase na dlouhy lokte todleto. Nejdriv za to moh IFS, pak zavorky...to je to tak tezky odkrokovat a otestovat?
Co neco takovydleho - http://www.sunspot.co.uk/Projects/Joggler/web_page_scripting.html
IFS="&"
for QUERY_PARTS in $QUERY_STRING; do
QKEY="`echo $QUERY_PARTS | cut -d '=' -f 1`"
QVAL="`echo $QUERY_PARTS | cut -d '=' -f 2`"
eval "$QKEY=\"$QVAL\""
done
a pak budes mit promennou $MAC...
-
Mam jenom 4MB flash, do ktery musim narvat cely system. Pokud by bylo misto, dal bych tam PHP a neresil blbosti.
Co je na POSIX shellu bez rozsireni tak spatneho?
Ze ho neumis pouzivat? POSIX shell nema array. Pokud umis bash, dej si tam bash. Pokud se ti nevejde, tak se budes muset naucit shell, ktery mas k dispozici. Kazdopadne ladit si to v bashi a pak poustet v necem uplne jinem je blbost.
-
Co neco takovydleho - http://www.sunspot.co.uk/Projects/Joggler/web_page_scripting.html
a pak budes mit promennou $MAC...
Diky, funguje skvele!
Ze ho neumis pouzivat? POSIX shell nema array. Pokud umis bash, dej si tam bash. Pokud se ti nevejde, tak se budes muset naucit shell, ktery mas k dispozici. Kazdopadne ladit si to v bashi a pak poustet v necem uplne jinem je blbost.
Ano, jsem zvykli na bash a posix-only shell mi dela problemy.