How to find rogue scripts that can be hijakced for spamming

Literally find.

I need to find all scripts that have #!/usr/bin/perl

in them and examine if they can be hijacked by spammers.

How can I do that?
--
Member - Liberal International
This is [email]doctor@nl2k.ab.ca[/email] Ici [email]doctor@nl2k.ab.ca[/email]
God, Queen and country! Beware Anti-Christ rising!
Lest we forget 11/11/2009.

In article <gf1ub4$s2n$3@gallifrey.nk.ca>,
The Doctor <doctor@doctor.nl2k.ab.ca> wrote:[color=blue]
>Literally find.
>
>I need to find all scripts that have #!/usr/bin/perl
>
>in them and examine if they can be hijacked by spammers.
>
>How can I do that?[/color]

That's somewhat of a stupid question.

Why would those scripts be more likely to be hijacked by spammers
than any other thing on your system ?

Apart from that, constructive use of find, xargs, file and grep ought to
give you your answer. Something a bit like
find / -type f -print |xargs file|fgrep -i perl

In article <gf1ub4$s2n$3@gallifrey.nk.ca>,
The Doctor <doctor@doctor.nl2k.ab.ca> wrote:[color=blue]
>Literally find.
>
>I need to find all scripts that have #!/usr/bin/perl
>
>in them and examine if they can be hijacked by spammers.
>
>How can I do that?[/color]

That's somewhat of a stupid question.

Why would those scripts be more likely to be hijacked by spammers
than any other thing on your system ?

Apart from that, constructive use of find, xargs, file and grep ought to
give you your answer. Something a bit like
find / -type f -print |xargs file|fgrep -i perl

The Doctor wrote:[color=blue]
> Literally find.
>
> I need to find all scripts that have #!/usr/bin/perl
>
> in them and examine if they can be hijacked by spammers.
>
> How can I do that?[/color]

grep -R

The Doctor wrote:[color=blue]
> Literally find.
>
> I need to find all scripts that have #!/usr/bin/perl
>
> in them and examine if they can be hijacked by spammers.
>
> How can I do that?[/color]

grep -R

In article <f971$4914b59d$8c631746$8366@news.deru.net>,
BobH <WanderingMetalHead.DUMP.SPAM@yahoo.com> wrote:[color=blue]
>The Doctor wrote:[color=green]
>> Literally find.
>>
>> I need to find all scripts that have #!/usr/bin/perl
>>
>> in them and examine if they can be hijacked by spammers.
>>
>> How can I do that?[/color]
>
>grep -R[/color]

You mean find / -type f -print | grep -R
--
Member - Liberal International
This is [email]doctor@nl2k.ab.ca[/email] Ici [email]doctor@nl2k.ab.ca[/email]
God, Queen and country! Beware Anti-Christ rising!
Lest we forget 11/11/2009.

In article <f971$4914b59d$8c631746$8366@news.deru.net>,
BobH <WanderingMetalHead.DUMP.SPAM@yahoo.com> wrote:[color=blue]
>The Doctor wrote:[color=green]
>> Literally find.
>>
>> I need to find all scripts that have #!/usr/bin/perl
>>
>> in them and examine if they can be hijacked by spammers.
>>
>> How can I do that?[/color]
>
>grep -R[/color]

You mean find / -type f -print | grep -R
--
Member - Liberal International
This is [email]doctor@nl2k.ab.ca[/email] Ici [email]doctor@nl2k.ab.ca[/email]
God, Queen and country! Beware Anti-Christ rising!
Lest we forget 11/11/2009.

On Fri, 07 Nov 2008 23:05:43 +0000, The Doctor wrote:
[color=blue]
> In article <f971$4914b59d$8c631746$8366@news.deru.net>, BobH
> <WanderingMetalHead.DUMP.SPAM@yahoo.com> wrote:[color=green]
>>The Doctor wrote:[color=darkred]
>>> Literally find.
>>>
>>> I need to find all scripts that have #!/usr/bin/perl
>>>
>>> in them and examine if they can be hijacked by spammers.
>>>
>>> How can I do that?[/color]
>>
>>grep -R[/color]
>
> You mean find / -type f -print | grep -R[/color]

Well, that (or a variation) will find all of the perl scripts (except for
the ones with a newline in their name: use -print0 and xargs -0 as a
general rule when doing large finds). That'll be a close first-order
approximation to hackability if you subscribe to the theory that says
that all programs contain bugs. What are you really looking for,
though? Spammers send e-mail, which doesn't usually result in the
invocation of perl scripts. I guess that it could sometimes, if someone
has cooked up a perl-based mail filter for themselves or is running a
perl-based webmail system. I'd start by looking for bugs in those sorts
of things, myself. With my eyes. I don't think that I could write a
program to find bugs, at least not the sort that might allow a spammer to
exploit.

Cheers,

--
Andrew

On Fri, 07 Nov 2008 23:05:43 +0000, The Doctor wrote:
[color=blue]
> In article <f971$4914b59d$8c631746$8366@news.deru.net>, BobH
> <WanderingMetalHead.DUMP.SPAM@yahoo.com> wrote:[color=green]
>>The Doctor wrote:[color=darkred]
>>> Literally find.
>>>
>>> I need to find all scripts that have #!/usr/bin/perl
>>>
>>> in them and examine if they can be hijacked by spammers.
>>>
>>> How can I do that?[/color]
>>
>>grep -R[/color]
>
> You mean find / -type f -print | grep -R[/color]

Well, that (or a variation) will find all of the perl scripts (except for
the ones with a newline in their name: use -print0 and xargs -0 as a
general rule when doing large finds). That'll be a close first-order
approximation to hackability if you subscribe to the theory that says
that all programs contain bugs. What are you really looking for,
though? Spammers send e-mail, which doesn't usually result in the
invocation of perl scripts. I guess that it could sometimes, if someone
has cooked up a perl-based mail filter for themselves or is running a
perl-based webmail system. I'd start by looking for bugs in those sorts
of things, myself. With my eyes. I don't think that I could write a
program to find bugs, at least not the sort that might allow a spammer to
exploit.

Cheers,

--
Andrew