#!/usr/bin/perl
#
# Author: Peter Keel, 14.01.2003
#
# Last-Modified: 19.02.2007
# Last MD5 updates: 13.04.2010
#
# $Id: cgicheck 6975 2007-10-31 11:10:32Z pkeel $ 
#
# License: GPL (GNU Public License)
# 
# Check http.config and its includes for ScriptAlias-paths, and report
# all CGIs in the paths. Also try to identify some of them 
#
# 

use File::Type;
use File::Basename;
use File::Find::Rule;
use Digest::MD5;
use Getopt::Long;
use Pod::Usage;
use Data::Dumper; 


# Config Options
$unint = 0;			# Uninteresting files
$reponly = 0; 			# Only report all CGI-programs
$delevil = 1;   		# delete known exploitable programs
$searchpath = '/home'; 		# if searching, start here

&Getopt::Long::Configure( 'pass_through', 'no_autoabbrev');
&Getopt::Long::GetOptions(
		'inputfile|i=s'		=> \$httpdconfig,
 		'outputfile|o=s'	=> \$outputfile,
		'search|s!'		=> \$searchfs,
		'uninteresting|u!'	=> \$unint,  		# Uninteresting files
		'reportonly|r!'		=> \$reponly,  		# Only report all CGI-programs
		'delevil|d!'		=> \$delevil,  		# delete known exploitable programs
		'chmodevil|c!'		=> \$chmodevil, 	# chmod known exploitable programs
		'quiet|q!'		=> \$quiet,
		'help|h'		=> \$needshelp,
);

# print Dumper(\@ARGV);

if (!$httpdconfig && !$searchfs && !$ARGV[0]) {
    $httpdconfig="/usr/local/etc/apache/httpd.conf";
} elsif (!$httpdconfig && !$searchfs) { 
    $httpdconfig=$ARGV[0]; 
}

if ($needshelp) {
pod2usage(1);
}

#
# Define output-format according to the "r" in perl. 
#
format STDOUT_TOP =
 Filename						  Programname                      Version  Evil?
---------------------------------------------------------------------------------------------------------
.
format topformat = 
.
format STDOUT =                                   
@<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< @<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< @<<<<<< @|||||
$file,		                         		  $name,                           $version $evil
.
if ($quiet) {
    $ofh = select(STDOUT);
    $^ = "topformat";
    select($ofh);
}

# Table of MD5 sums of known binaries. 
# Format is 'md5sum' => 'description:version:evil-flag'
# First occuring version of something unknown is "A".  
#
%ident =  (	'0a37950afc401457c1357a8aae4cb951' => 'Stray ELF Header:A:1',
		'e573e8f5c93c6c00783f20c7a170aa6c' => 'Stray ELF header:B:1',
		'7e946f883f8c476be8b8759e8a049bd4' => 'FreeBSD Count.cgi:2.5 A:0', 
		'7f8272485e64d836f87a77adc311201c' => 'FreeBSD Count.cgi:2.5 B:0',
		'344a0ecbab42e8355f5a64b9a7cd6607' => 'FreeBSD randhtml.cgi-wrap:A:0',
		'c1ef025d92b92c4c42711591a7ce88e6' => 'FreeBSD cgiecho:A:1',
		'14de1bc3a5969b2ee1a5d8c7c5dc795a' => 'FreeBSD cgiecho:B:1',
		'cdbc6b21c29e59a3a253fc17692d45dd' => 'FreeBSD cgiecho:C:1',
		'5658381ce7103e1074affba7c41b0aad' => 'FreeBSD cgiemail:A:1',
		'2a74a07bc269ba12e802cdd88c5bc983' => 'FreeBSD cgiemail:B:1',
		'a5fae494ef146c31a99f94aee0a59624' => 'FreeBSD cgiemail:C:1',
		'45a6619a3c0e43ba681203761f9a8683' => 'FreeBSD cgiemail coredump:A:1',
		'b9e06e497956abdd728293e9307134b1' => 'FreeBSD cgiemail by web.mit.edu/wwwdev/cgiemail/:A:1',
		'0db659943e58ef968e8772b0004168ea' => 'FreeBSD entropybanner.cgi:A:0',
		'b244e5e09d6e0516311b7cd1377ccb1c' => 'FreeBSD entropybanner.cgi:B:0',
		'd18f2d9111ee0b57d0c415037aae140b' => 'FreeBSD entropybanner.cgi:C:0',
		'582759ac359e66dce21435dc6c4df470' => 'FreeBSD entropybanner.cgi:D:0',
		'66d259afa493dc9700156debffe4a10e' => 'FreeBSD entropybanner.cgi:E:0',
		'27eaa78612778bdf67416767a1fa9e88' => 'FreeBSD entropybanner.cgi:F:0',
		'b60b85f1647af2b11cfe20d3cff7fab9' => 'FreeBSD entropybanner.cgi:G:0',
		'1b998fc25837cdbe05f33a83aa4569c3' => 'FreeBSD entropybanner.cgi:H:0',
		'21f2c3ba6545a3006a5d3b12c97cfc34' => 'FreeBSD entropybanner.cgi:I:0',
		'482a44b75226e2ea2cb16aae82d1847a' => 'FreeBSD entropybanner.cgi:J:0',
		'2110af86743797d5f36aa86b4849abeb' => 'FreeBSD entropybanner.cgi:K:0',
		'4f62da0ec39a0749475e5d3a330c24f2' => 'FreeBSD entropybanner.cgi:L:0',
		'fe9fcdc7eb78f649ccf1de5ddd578b0d' => 'FreeBSD entropybanner.cgi:M:0',
		'31814f03ffb7a66febf5e37f306a9b08' => 'FreeBSD entropybanner.cgi:O:0',
		'564f432b55ddc8ea7c4d733efe08f3e4' => 'FreeBSD entropybanner.cgi:P:0',
		'0c9239ec7e88a71d45e408c123637cf0' => 'FreeBSD mimeTeX:1.64:1',
		'011c3957cefff11f6de63dbe50003a36' => 'FreeBSD mimeTeX:1.40:1',
		'6f9c4f6fd3d7a742b14c7feabd78063c' => 'FreeBSD randhtml.cgi:A:1',
		'4bfdb2085e94a3a271b4cb8f6b9cb365' => 'FreeBSD jhead:2.2:0',
		'ab4d0a5fc1a5fe278a9d5097873464f4' => 'FreeBSD Test:A:0',
		'238d4c2940d03f2717700d5541217806' => 'FreeBSD cgictest.cgi by www.boutell.com/cgic:A:1',
		'e6e5405470d0b1096d372ee730f30746' => 'FreeBSD fly by martin.gleeson.com/fly/:2.0.0:0',
		'350bb06d737c6e73b82e56c773bde013' => 'BSDi php (or php imap-module):3.0.14:1',
		'86107abad0b326e2833163a37fb87d9f' => 'Linux cgiecho:A:1',
		'c65c397a7c3f7eeee3f09864bf06e4c2' => 'Linux cgiecho:B:1',
		'02fa896e474270e01e1d8c49678e7fb8' => 'Linux cgiecho:C:1',
		'7b8d3ef8c60f775358fe2066105b3baa' => 'Linux cgiecho:D:1',
		'babc9069d74936d462608e96ce2a6811' => 'Linux cgiecho:E:1',
		'2c60dc68d1a2e29f7110dbd13398617c' => 'Linux cgiecho:F:1',
		'f99f84434b94161ab8c2a8e8ac9f78c7' => 'Linux cgiecho:G:1',
		'8cb474d3b93dfef22f3c87ea3d90df65' => 'Linux cgiecho:H:1',
		'ccd0fce0301d1462205f90f6590b994f' => 'Linux cgiecho:I:1',
		'24ea8f380b1a9436501ffacf38e61b98' => 'Linux cgiemail:A:1',
		'ed04258f3be486eed357a12aa44ea9de' => 'Linux cgiemail:B:1',
		'c3b701f525e0d993a3633e68519cf9a2' => 'Linux cgiemail:C:1',
		'640b615fa3ef678f294355875b917ae8' => 'Linux cgiemail:D:1',
		'a46e85564decc2b88c5b9d5346a70ef5' => 'Linux cgiemail:E:1',
		'c3b701f525e0d993a3633e68519cf9a2' => 'Linux cgiemail:F:1',
		'eda3bf5c570183aca670683cbb1f1e1d' => 'Linux cgiemail:G:1',
		'2ed23f17b4bd333ef3b78b3f4e9c7905' => 'Linux cgiemail:H:1',
		'6377f1bbcd50831e8cd5c6c299411c28' => 'Linux cgiemail:I:1',
		'3553e688e74d30fed14b7ebca0727a73' => 'Linux cgiemail:J:1',
		'44b02be1b1701ab32694d07e69427962' => 'Linux cgiemail:K:1',
		'9479e5ba8e2daa905b8883787f4bd623' => 'Linux cgiemail:L:1',
		'176cf32d0ce4290403b9cef579cf9fd5' => 'Linux cgiemail:M:1',
		'05ca64957772db9a05841926b8a1c6a5' => 'Linux cgiemail:N:1',
		'58b355521ad0a2d9e9fc76a5f514f875' => 'Linux cgiemail by web.mit.edu/wwwdev/cgiemail/:A:1',
		'ca61389f532ff3be6367c913662bbf30' => 'Linux cgiecho by web.mit.edu/wwwdev/cgiemail/:A:1',
		'53f778e40469b4c3a895bab1ff2914cc' => 'Linux mailform.cgi:A:1',
		'89b6761687ef858113e7c4d17ef85b44' => 'Linux mailform.cgi by combolts.net/mailform:1.23 A:1',
		'74bf7a38a3175eadf04ad8ec690d5f82' => 'Linux mailform.cgi by combolts.net/mailform:1.23 B:1',
		'e268a62f3f2673c480db2e9a344d209e' => 'Linux entropybanner.cgi:B:1',
		'620ba353f5dc1a70f0b8c61296c840fa' => 'Linux entropybanner.cgi:A:1',
		'fd8a2b2b70b1610fc2ab6e603ec776be' => 'Linux entropybanner.cgi:C:1',
		'10c761c444ae48768d1612c35afcd5ae' => 'Linux entropybanner.cgi:D:1',
		'61d555f8d9429b5d216e516c1989ad48' => 'Linux entropybanner.cgi:E:1',
		'dcacf43853c69b4343f0e347e349af6f' => 'Linux entropybanner.cgi:F:1',
		'42ef24d060f9317ed30262f68bc2c118' => 'Linux entropybanner.cgi:G:1',
		'27309736b3de40c39be3cbcd275f6f17' => 'Linux entropybanner.cgi:H:1',
		'8268cfd190e910bb89ffdf92167f6b91' => 'Linux entropybanner.cgi:I:1',
		'c45d94f29e14732f1194e8dfd60ff0fa' => 'Linux entropybanner.cgi:J:1',
		'644724826b8909c58c9c5cc4071bcd9b' => 'Linux entropybanner.cgi:K:1',
		'bb89e522658f1280be20ebe48c193f8e' => 'Linux corrupt entropybanner.cgi:A:1',
		'16d6ccc6992ffcc8fac3dce3485b6806' => 'Linux mimeTeX:1.62:1',
		'4b92ffef62a68c704a2705d23fb9e213' => 'Linux jhead:A:1',
		'bb77b7f0b2223537a36acd313327fe0b' => 'Linux jhead:B:1',
		'93d184876b5f9c7b49856b1f93e80fa0' => 'Linux propop by bogdanovic petar:0.1:1',
		'ac162a736776839419374d77915e34cf' => 'Linux smart hex decoder?:A:1',
		'4451fb335c573204df6e41f4a5211ee6' => 'Linux mysqwebmail:unknown:1',
		'4451fb335c573204df6e41f4a5211ee6' => 'Linux sqwebmail:unknown:1',
		'820ab30cded0051e3de283cb683e8d67' => 'Linux htsearch:3.1.6 A:1',
		'ce953e29017ffbededd94315a80eb246' => 'Linux htsearch:3.1.6 B:1',
		'b0b59173c75271f4255ba96619b5fe81' => 'Linux randhtml.cgi:A:1',
		'20ecc6d39c39150d308b39d91de6fe9e' => 'Linux randhtml.cgi:B:1',
		'33407d554319eb56edaba2d28fb7f65e' => 'Linux randhtml.cgi:C:1',
		'a2da23b3c4079b379ef0e12d13cf1f5e' => 'Linux randhtml.cgi:D:1',
		'58c787029e74e48cf654ecb1104a043a' => 'Linux randhtml.cgi:E:1',
		'0ede9975b0487564b705b7f226537f67' => 'Linux randhtml.cgi:F:1',
		'a2eb8785eb290f3e14cafb3bd417bf58' => 'Linux pdftotext:3.00 A:1',
		'28bc4975b323aa838c052468ecde1e24' => 'Linux pdftotext:3.00 B:1',
		'402c41aa7c07aa281999ede5f2baf921' => 'Linux php.cgi:4.1.0:1',
		'e8d41c323279a1be2897b1310858669d' => 'Linux php.cgi:A:1',
		'ff72d6bfe46c9363582606878fa4122d' => 'Linux php.cgi:B:1',
		'30b02272187f47cbd9e2f622fc77f5c6' => 'Linux php.cgi:4.3.3:1',
		'4b51eb3acf4a5e145a798f2815514929' => 'Linux Sbox by stein.cshl.org/WWW/software/sbox/:1.8:1',
		'87e1ca7fd8e3ded27b40ece02b8c1ffa' => 'Linux Count.cgi:2.5 A:1',
		'ed2577e9056abdb55f7ae4fed1bbfc8b' => 'Linux Count.cgi:2.5 B:1',
		'0a8691f80f2fb1f0a7eae7536a2a3497' => 'Linux Count.cgi:2.5 C:1',
		'257f98c282f65504e4a2149cdf3c9b18' => 'Linux fly by martin.gleeson.com/fly/:1.6.5 B:1',
		'2c64693bcad77f2130900486470f47bb' => 'Linux Miva Empresa:3.9301:0',
		'e0ee6c1597b5eb9626cbd8954bd7de74' => 'Linux IM convert:4.2.9:1',
		'5360100724071b4c502c2f7c41e93e58' => 'Linux IM combine:4.2.9:1',
		'e13640be535e32d5b3ad7974811572dd' => 'Linux IM identify:4.2.9:1',
		'58a90e7084628d038bf40ec9b6290c9f' => 'Linux HTML/OS asetup.cgi by Aestiva:1.7.1:1',
		'bdd7cf689951ef1d012e9752d1866a6a' => 'Linux HTML/OS start.cgi by Aestiva:1.7.1:1',
		'9ebf677e5622a7c28b39739c98de0ec8' => 'Linux HTML/OS htmlos.cgi by Aestiva:1.7.1:1',
		'3fb101e478612711acfa691df37d31c5' => 'Linux HTML/OS asetup.cgi by Aestiva:2.9:1',
		'8d8f36a38a16abfb483e0c5315718917' => 'Linux HTML/OS start.cgi by Aestiva:2.9:1',
		'7f8f4d2fdb26c6b5a54c2cb165a79bfd' => '-> Trojan Proxy:A:1',
		'2a5ce47754a3adb58cf1ab37e9d17ce4' => '-> Linux PsychoPhobia Backdoor:A:1',
		'c0b95fcaefd49b0cc3ec6e13ae77fc85' => 'Frontpage fpcount.exe:v1:1',
		'f4841ca6650bfead5701809fbf42f825' => 'Frontpage Executable:v2:1',
		'f9dbc0d481eafef0c08bea4a1ea265c4' => 'Frontpage fpadmcgi.exe:4.0.2.2717:1',
		'0988193b59e3b334c8bc7e443b5e59a4' => 'Empress eh_writer:v6.8p1:0',
		'0efc5f5f9ce00439d01cd5a32f27550b' => 'Empress ehsql_select:v6.8p1:0',
		'dd7f2f7b5e6bd930d2eee3ddf886e478' => 'Empress ehsql_update:v6.8p1:0',
		'b53ca833adf6f3d102af442c9abcf08a' => 'Count.cgi by Muhammad A Muquit:2.5:0',
		'ce4824b07d8cf1b11736184842c05062' => 'Count.cgi:2.5:0',
		'cea6be10a1e0b3b3a04140ee9f118de5' => 'Count.cgi:2.4:1',
		'268decbcf4ce15ea94ab4b62e2746500' => 'nph-count by DHP Consultancy:A:1',
		'3ae1cda951a088ba1202b0c73b58c22a' => 'w3-msql:2.0.11:0',
		'13abb98ee0d0b24eb8605ca902823eab' => 'htsearch:3.1.5:1',
		'd2588f82826a079c0cdd8584cc8a2718' => 'htsearch:3.1.4:1',
		'0a20f9f92888e3530b247c5fe0d4f27c' => 'htsearch:3.0.8b2:1',
		'1cf487b441894529acbf5a839e8ca8b2' => 'htsearch:3.1.6:0',
		'abfe340bbebe05b1196299aa1e9c3735' => 'htsearch:3.1.5:1',
		'a17eeb334a3f9ba42ebff83d1b0365b3' => 'fly by martin.gleeson.com/fly/:1.6.5 A:0',
		'cc0dacfdbe9e05b26858be79bbb50e07' => 'SGI MIPS htimage:A:0',
		'1690badad2acca9bb21509dbdf08432a' => 'regform:v1:0',
		'f510a4bf1969804d07c5d89bb04bcdeb' => 'postmail.cgi by Christian Weber:1.10:1',
		'34155a89973380ba60255b647fc966e5' => 'postmail.cgi by Christian Weber:1.12:0',
		'c29ad8ef2d9e03c42ecca4fdc428d6fb' => 'formmail.cgi by Tobi Mueller:1.15:0',
		'853bce6056eb84ec673f47823ba8d0bc' => 'modifikation.cgi:v1:0',
		'f235c0e273413500b72f388bcece3e4f' => 'static chmod:3.1.6:0',
		'83f4346dc5a1d4da57d776eb0fbd3fd0' => 'mailqmon by www.ineparnet.com.br/orso/index.html:1.5:0',
		'63ff228488794c18737592793067df74' => 'CPanel cgiecho:A:1',
		'c0c2ac7e8723ea360b37abff2973a0d8' => 'CPanel cgiecho:B:1',
		'3a95230f8bfe74a8019d15364f2bc0a4' => 'CPanel cgiecho:C:0',
		'776ef805fbf3219a6abf646db8e93b9b' => 'CPanel cgiemail:A:1',
		'b46df702fd468e7a07d30e335d154179' => 'CPanel cgiemail:B:1',
		'98b915174269a5f9ed94fc1cb2727d51' => 'CPanel cgiemail:C:0',
		'ebe93ace92a28f70b455d56c5bac0d78' => 'CPanel Count.cgi:A:0',
		'ee6330103b7ad489b608285ef2434612' => 'CPanel Count.cgi:B:0',
		'2702dd43986a174b9a6584fc10dc64f1' => 'CPanel Count.cgi:C:0',
		'c0fd41e7a858fac0c0a8b0ff0ddc0b7b' => 'CPanel Count.cgi:D:0',
		'a02a8746a30c4d581e0f1336f07e7e0a' => 'CPanel domainredirect.cgi:A:0',
		'2267f10053915f84cb0da79530233c32' => 'CPanel domainredirect.cgi:B:0',
		'9bce8770ce79e7e3bcc980685d7f9ec4' => 'CPanel domainredirect.cgi:C:0',
		'9675a92d245922a578c8efe6825b290e' => 'CPanel domainredirect.cgi:D:0',
		'00c13777236f45167b5d5c6739645f88' => 'CPanel domainredirect.cgi:E:0',
		'3425fa53f528f5503bf3537e4481f903' => 'CPanel domainredirect.cgi:F:0',
		'6a321585d6f4de1b7dfe806becd9d1f9' => 'CPanel domainredirect.cgi:G:0',
		'97e3ff7ed68aaeff70bdaec47ffc51cc' => 'CPanel domainredirect.cgi:H:0',
		'ea62fc861cca61bbc0cd044f1332e26f' => 'CPanel entropybanner.cgi:A:0',
		'964054aff6777570b63134967a9da3f0' => 'CPanel entropybanner.cgi:B:0',
		'b29ef74c66bb3f464b32e11f31c0604a' => 'CPanel entropybanner.cgi:C:0',
		'35da718314c8e6e17b97cde8b49857de' => 'CPanel entropybanner.cgi:D:0',
		'4d3b99ad36612cda8c8aba4b416ba10c' => 'CPanel entropybanner.cgi:E:0',
		'554ac9cf938e5dc13c447f7e235315a4' => 'CPanel entropybanner.cgi:F:0',
		'bff6c27efcf600dca816012a6f5e01d7' => 'CPanel entropybanner.cgi:G:0',
		'c4ab4a3231bcaff44905f50baf6750db' => 'CPanel entropybanner.cgi:H:0',
		'ce9ec9263f288ffb6ac7e203c8972978' => 'CPanel Formmail:A:1',
		'401994cfd4d82c99dac1f8721f6c200f' => 'CPanel Formmail:B:1',
		'a473cb53e8a22f48befde322267eecf8' => 'CPanel Formmail:C:1',
		'4da746b9567780d0dcdea90358ba1f17' => 'CPanel FormMail:D:1',
		'e203c34e40b21c0f06f4374741841a37' => 'CPanel FormMail:E:1',
		'b5cf2443e5353dfd7bc7dc11c8c3a666' => 'CPanel FormMail:F:1',
		'75b5f5f4502c320ca2f4164c7dcc7511' => 'CPanel FormMail:G:1',
		'87a1e1402a08d77f022349cfb10a58c8' => 'CPanel FormMail:H:1',
		'5dfad446ceee123ae0c37d41a5f7bad4' => 'CPanel FormMail:I:1',
		'35b425c1cc37ac87965c74e2ed943d1d' => 'CPanel FormMail:J:1',
		'032092613df27a6a0e329c74a5c0c8a4' => 'CPanel formMail:K:0',
		'5676839c5ceb32859c16c8608359f8a6' => 'CPanel formMail:L:0',
		'862853977bfdca930b557accd262a2ce' => 'CPanel formMail:M:0',
		'032092613df27a6a0e329c74a5c0c8a4' => 'CPanel FormMail:N:0',
		'5676839c5ceb32859c16c8608359f8a6' => 'CPanel FormMail:O:0',
		'7565ce0a4fd5c00ac5a697674ce53f90' => 'CPanel FormMail:P:0',
		'862853977bfdca930b557accd262a2ce' => 'CPanel FormMail:Q:0',
		'032092613df27a6a0e329c74a5c0c8a4' => 'CPanel formMail:R:0',
		'032092613df27a6a0e329c74a5c0c8a4' => 'CPanel FormMail:S:0',
		'5676839c5ceb32859c16c8608359f8a6' => 'CPanel formMail:T:0',
		'5676839c5ceb32859c16c8608359f8a6' => 'CPanel FormMail:U:0',
		'862853977bfdca930b557accd262a2ce' => 'CPanel formMail:V:0',
		'862853977bfdca930b557accd262a2ce' => 'CPanel FormMail:W:0',
		'bdbeb73c0521423f40140a7f6e76cc4c' => 'CPanel getUserDomains:A:0',
		'0fed0eb8908fdccb7d354992682849ea' => 'CPanel guestbook.cgi:A:1',
		'a14dee32df03ab3e431f51851aa68c34' => 'CPanel guestbook.cgi:B:1',
		'2cc229ee145a9c173e691c7df76bb80f' => 'CPanel guestbook.cgi:C:1',
		'90d9f682fa7650dcb1345ffe8f8a60f4' => 'CPanel guestbook.cgi:D:1',
		'f84562cc8083bfb6c62248040e9534ea' => 'CPanel guestbook.cgi:E:1',
		'3a9f1e7344e24198bc38c4feffce47e6' => 'CPanel guestbook.cgi:F:0',
		'6380eb5bd2dfe62a3031588f5a8b8c73' => 'CPanel guestbook.cgi:G:0',
		'94300bb7302dcaf8d77c40620466ff17' => 'CPanel guestbook.cgi:H:0',
		'e3e76fb0357fca08c37190e5ac19bc4c' => 'CPanel guestbook.cgi:I:0',
		'f74732d5fe20c092c0646a84194a7886' => 'CPanel guestbook.cgi:J:0',
		'f4e5fe41fc0532632807b2c6c4a3cd15' => 'CPanel helpdesk.cgi:A:0',
		'f9b19f3503933324d253f2418eb46af3' => 'CPanel helpdesk.cgi:B:0',
		'061f84cff03b17e681c802e6f574477e' => 'CPanel helpdesk.cgi:C:0',
		'500a7b71e0e26753b825eb71fdd75e68' => 'CPanel helpdesk.cgi:D:0',
		'00293efcd0e155c05406fdad4448c3ab' => 'CPanel mchat.cgi:A:1',
		'b9e786c1b9ad258c989c82127c2419e4' => 'CPanel mchat.cgi:B:1',
		'e8441c269840b2f50e1be08f3f916459' => 'CPanel mchat.cgi:C:1',
		'a931e218ce4d2b50384eb65681780b76' => 'CPanel mchat.cgi:D:1',
		'527ca8c016541ab45bc0cf52bacff0c2' => 'CPanel mchat.cgi:E:1',
		'5ff2cc674e5ac754cc5eac510b95484b' => 'CPanel mchat.cgi:F:1',
		'1dec7f4db8ad387c7598b1fae39da193' => 'CPanel mchat.cgi:G:0',
		'406ebc604391dbf39c7416ee9e1bfb43' => 'CPanel mchat.cgi:H:0',
		'6f2ccc7b8930f7127a048600ed125004' => 'CPanel mchat.cgi:I:0',
		'7ef95747f53ad548d11b8fa0ea5eec80' => 'CPanel mchat.cgi:J:0',
		'f2dd5abb9d0c865122ab22b6d94d5e2c' => 'CPanel mchat.cgi:K:0',
		'b8a9231955bafe07b25b9a19181f170c' => 'CPanel randhtml.cgi:A:0',
		'd89e82a7511ca7652cf851b684ce1a81' => 'CPanel randhtml.cgi:B:0',
		'bdb84b90e7697e2448aff415135f7edc' => 'CPanel randhtml.cgi:C:0',
		'e8abb8ce2a30b5ff2ce9430b8cf4bb9f' => 'CPanel randhtml.cgi:D:0',
		'fa3d1052b9e0f8996370b368c46de504' => 'CPanel randhtml.cgi:E:0',
		'7376dd4dd21642ecbe32d8a27db1aa46' => 'CPanel randhtml.cgi:F:0',
		'79a479501cc92ad8a2a2e923f1b4d555' => 'CPanel randhtml.cgi:G:0',
		'8ea9dc725b107400e5d93d4ec9889b3a' => 'CPanel randhtml.cgi:H:0',
		'ad0e5da58f238914f16e2fd906ec0b51' => 'CPanel randhtml.cgi:I:0',
		'ece4367f8bf3fbcfd15de0ac8117d388' => 'CPanel randhtml.cgi:J:0',
		'57d2f4246fa3e9942b693c28b0339e78' => 'CPanel randhtml.cgi-wrap:A:0',
		'2989a46511a13b63843ba316fdabec14' => 'CPanel randhtml.cgi-wrap:B:0',
		'8f1b6ed7a965cd53eb78f68ab6f0562a' => 'CPanel realsignup.cgi:A:0',
		'afb038557b0ba0c6e0194e66fe0658d9' => 'CPanel realsignup.cgi:B:0',
		'e65abdc7e289e3a6a6eac7b2fadb3d25' => 'CPanel realsignup.cgi:C:0',
		'8df7db40020cea0e160830bd4a79090b' => 'CPanel realsignup.cgi:D:0',
		'265a4d1b37459d7529022952fba06cfd' => 'CPanel realsignup.cgi:E:0',
		'9beea170ca5944678c0a4764e77a17fd' => 'CPanel realsignup.cgi:F:0',
		'3f86f4dc25e81d799b22bdb98ba27cb8' => 'CPanel realsignup.cgi:G:0',
		'5b81eca2e3792671d2e1b130f65219d1' => 'CPanel realsignup.cgi:H:0',
		'c75ee75090c067539d093ff1619eb697' => 'CPanel realsignup.cgi:I:0',
		'e7736a7666463914e2ebd8b8439889a5' => 'CPanel realsignup.cgi:J:0',
		'f547469d757781364c9bf6cceb8ccfb8' => 'CPanel realsignup.cgi:K:0',
		'a1999d95e15e85408bee23c9dc4548df' => 'CPanel scgiwrap:A:0',
		'622c2b093a1dd890f2894480bfd06d40' => 'CPanel scgiwrap:B:0',
		'4a82c53f280ea2e4b37bfbd9fa1a8e77' => 'CPanel scgiwrap:C:0',
		'a7ffbab100b77f2dff1f90b3fe0505e3' => 'CPanel scgiwrap:D:0',
		'07a33fa1ca6db299a50a38b7c7eb9354' => 'CPanel signup.cgi:A:0',
		'7fe16eb993eb524a3d3e66df4d055a84' => 'CPanel signup.cgi:B:0',
		'08d3b32113fdc895d9928e392d598efe' => 'CPanel signup.cgi:C:0',
		'658dd9e5f34695382c078e02eba3edf6' => 'CPanel signup.cgi:D:0',
		'f4c742fb615f2a659e4e3027248e256f' => 'Mailman admindb:A:0',
		'ea50140c931e7af355349d9c59567e5f' => 'Mailman admindb:B:0',
		'c756b885bc4e86cf0f9db40bdb58ffa0' => 'Mailman admindb:C:0',
		'048978d77ffdc5c8aa55c0d00b0e76e6' => 'Mailman admindb:D:0',
		'343a48174ac982ac8ed2eb49c4d35fe4' => 'Mailman admindb:E:0',
		'55754b3d3453d08023d0ad9293f2b92d' => 'Mailman admindb:F:0',
		'5642bdc9ce18116a6ab888e8ee20ed74' => 'Mailman admindb:G:0',
		'b30b152742a7cafe3183ebbcb7cb036c' => 'Mailman admindb:H:0',
		'd1d43115516064eb81d16647e3f305bf' => 'Mailman admindb:I:0',
		'e8e2e6b5f6c189d40b333236f255bee0' => 'Mailman admindb:J:0',
		'd72208497d39f4d4a66e39e585c19833' => 'Mailman admin:A:0',
		'f5ad7b3a3b65d3efefa5b0c2213942d5' => 'Mailman admin:B:0',
		'01d126947b4cc233c0bfd84a1b842b98' => 'Mailman admin:C:0',
		'63df0ce07bdeea6be8f7ae5828c914e9' => 'Mailman admin:D:0',
		'0e7586b1b9993878d56d1ee627a16382' => 'Mailman admin:E:0',
		'20bea2829db54b2c8e201cb2fc0df4d2' => 'Mailman admin:F:0',
		'3c19daf7f3f1cf095130c6ed9283355b' => 'Mailman admin:G:0',
		'84946798e45fad1d855a9d95c2199daf' => 'Mailman admin:H:0',
		'88082b768292d5583e137d591258783d' => 'Mailman admin:I:0',
		'ce8a7806ac86d87af5f56b26337abb6f' => 'Mailman admin:J:0',
		'ae051630e3c65f9f647c25d8f619caf6' => 'Mailman confirm:A:0',
		'ec6d7953467e44aaa136f412ce779fe0' => 'Mailman confirm:B:0',
		'5c828d7083ec3475f3f07baeb527026e' => 'Mailman confirm:C:0',
		'732f126694f48e4a09a271bbdbc3e2d3' => 'Mailman confirm:D:0',
		'3882967358b43aa9bce1772df94335e1' => 'Mailman confirm:E:0',
		'58058e0086284704cd9a05a6b0686949' => 'Mailman confirm:F:0',
		'6be13d44239c6d64d8c7960e543206d1' => 'Mailman confirm:G:0',
		'74f66d3e0eec6602f0537b6d021904bd' => 'Mailman confirm:H:0',
		'c1646e706da33c60db1d21c2279adaf3' => 'Mailman confirm:I:0',
		'cc33a679289d20bd932c960e3f9913cd' => 'Mailman confirm:J:0',
		'db19923565afe207778ea203c22fa376' => 'Mailman create:A:0',
		'ceb5a76aff10320ba3bd154d58491fac' => 'Mailman create:B:0',
		'881e250ec6465efbf9375479da4a7ba5' => 'Mailman create:C:0',
		'8aa7673d7781803c0944de7ff8d9e343' => 'Mailman create:D:0',
		'6671e9fbe6dac7ecb3bfd02c9fceef88' => 'Mailman create:E:0',
		'7a4e571dec13ead6560b9c1950e5a7be' => 'Mailman create:F:0',
		'80dad99b58f1478712472e1b71fdf5cf' => 'Mailman create:G:0',
		'a6722b5ef63269b0db33109e16dd4e3a' => 'Mailman create:H:0',
		'b658fc265d4b24e0559093c817c16e39' => 'Mailman create:I:0',
		'd94ce7352005ef51cdb68cad7220ba1f' => 'Mailman create:J:0',
		'dbbff3e89daf030491422e9b5a4e47b7' => 'Mailman edithtml:A:0',
		'dd650c569d80536e88cd8d7bec002bc9' => 'Mailman edithtml:B:0',
		'2f133461d1219b4bdd8855b618fe419e' => 'Mailman edithtml:C:0',
		'5ab11da03111485145f5da07609ebd36' => 'Mailman edithtml:D:0',
		'2813218f0c58eba9ae1e712df7bf227c' => 'Mailman edithtml:E:0',
		'534b865127e00b89e987680fcf0d2b66' => 'Mailman edithtml:F:0',
		'5eae4ae199814e8c90901789abab4cb0' => 'Mailman edithtml:G:0',
		'9b209c634b4656ab8b4973227e4c395f' => 'Mailman edithtml:H:0',
		'bf0d5c0b0051ff36716acac273e09ec2' => 'Mailman edithtml:I:0',
		'dc98dcc9b53994bfe8472b22bc9927b7' => 'Mailman edithtml:J:0',
		'fdd5a477943bc86f8a268c7140a311cd' => 'Mailman handle_opts:A:0',
		'fa6ac7e9ce763e9be04df97f8d5ce356' => 'Mailman listinfo:A:0',
		'da1b99b11534ce24e191e83c30549a25' => 'Mailman listinfo:B:0',
		'e067bc3c0a1323438cb4f4c28dd64403' => 'Mailman listinfo:C:0',
		'a5a1aa59a079c50d17f1e275e4b1cabf' => 'Mailman listinfo:D:0',
		'1573576a1484aa53ba866d2db18bd238' => 'Mailman listinfo:E:0',
		'247dd8c8f3de703f9c7f763b8d75336c' => 'Mailman listinfo:F:0',
		'5fc0b4c54f4e8ef9c6d6f2080ee683b2' => 'Mailman listinfo:G:0',
		'63fcd66041d46d4e3807504f2f5f1228' => 'Mailman listinfo:H:0',
		'a98945801cb0cb62cdaa25856ccd9f9f' => 'Mailman listinfo:I:0',
		'd0c890e561c1f6545fba31903613dcdf' => 'Mailman listinfo:J:0',
		'b62459393925b1a80ca1d3f8d6431051' => 'Mailman options:A:0',
		'd2fda3e803281b1bf382de768c1492e6' => 'Mailman options:B:0',
		'1f0c82051712e051ddb3adf293bcccf0' => 'Mailman options:C:0',
		'6d345be42ad8224e3cbccea2d1fb32ba' => 'Mailman options:D:0',
		'310285bcbb06c964a8e3547a1941a1de' => 'Mailman options:E:0',
		'64f81314f7b1d429cd4b77ba30646b4a' => 'Mailman options:F:0',
		'b939874fb0e7999bdb0c4c4d42999784' => 'Mailman options:G:0',
		'c1032372659ea16c22bf902312a5efed' => 'Mailman options:H:0',
		'c38cdb998f268ff12948fcb30afe3802' => 'Mailman options:I:0',
		'd033479f6179c79959a825f747208d96' => 'Mailman options:J:0',
		'9f7e63c8cd6f18c838df1c8d7a5ddb6b' => 'Mailman private:A:0',
		'05398f736acec23f1a2c5c4ad0d86676' => 'Mailman private:B:0',
		'3e1a3665359a447b87719eb08ec6841a' => 'Mailman private:C:0',
		'62445e6f3e3d8f4e8d70d15a241e0060' => 'Mailman private:D:0',
		'2705ff137c5e9baf4f62dbd220363775' => 'Mailman private:E:0',
		'67ea283820ebd2117e58883bb7722393' => 'Mailman private:F:0',
		'81d3679e620d996282538163767aa9f5' => 'Mailman private:G:0',
		'9914a464b9241d96b522c06fb70036f5' => 'Mailman private:H:0',
		'b37ca02fdc0a03c71706bf75ffbffaf8' => 'Mailman private:I:0',
		'fbb5e9f65bf3d754c71ffe81a03e6dfc' => 'Mailman private:J:0',
		'5deef6b51709cc9b4a7964bacb6bc17e' => 'Mailman rmlist:A:0',
		'5476e7876e9a57063d7a4aff0dd892a8' => 'Mailman rmlist:B:0',
		'83cc5d85278b4a078e8223827b23f93d' => 'Mailman rmlist:C:0',
		'96888cf507e0f7113af3a828e1824335' => 'Mailman rmlist:D:0',
		'17501170f4ac8f206a890cc2fde033e4' => 'Mailman rmlist:E:0',
		'1f30f8cee8a709b8020b971e6b33ba78' => 'Mailman rmlist:F:0',
		'2253b35fa2bdfb8d81ce00c5611da776' => 'Mailman rmlist:G:0',
		'672f47cd7c6e77dfc3166cc965e3f6cd' => 'Mailman rmlist:H:0',
		'898fee475a25c54fe2901893a0dd5141' => 'Mailman rmlist:I:0',
		'bfe58929ffe82f4a7fab79cf937139aa' => 'Mailman rmlist:J:0',
		'5c115174c9f871d8a251f81ba39c26b4' => 'Mailman roster:A:0',
		'277c22fd65468c2736c88e8ef8e06692' => 'Mailman roster:B:0',
		'7cf82ef62ae5c85fae7342d962ae3c26' => 'Mailman roster:C:0',
		'b1ccb0eca24485ed490132b153103868' => 'Mailman roster:D:0',
		'02ab02501870e81c251abe3d407dfa5d' => 'Mailman roster:E:0',
		'14915cae01689bdb0f42286a45678d75' => 'Mailman roster:F:0',
		'641f8b29cffd799e69b6b0e67f4a1fc9' => 'Mailman roster:G:0',
		'6d08d18eecb75479125294d0657f2166' => 'Mailman roster:H:0',
		'886a5ab5ddb4f9c13cdc5072744fed8b' => 'Mailman roster:I:0',
		'900d4c846c77e5a358382aa288ea08a0' => 'Mailman roster:J:0',
		'ae1dfb39df72fdc24e5d1ac2f24c6d1f' => 'Mailman subscribe:A:0',
		'ef43727a450d2eb2d9e53ec09a3fc9af' => 'Mailman subscribe:B:0',
		'32397e4962ffdacecbafcded8d5d46f7' => 'Mailman subscribe:C:0',
		'8171b1f80e2910c9c0ad94b8dc59e1a5' => 'Mailman subscribe:D:0',
		'33a6fad547cfbda4bcb4a4feb94c29be' => 'Mailman subscribe:E:0',
		'3c15c901f77e6607f27c26af569bd811' => 'Mailman subscribe:F:0',
		'5aecfe826ae736562839ffa94845e47c' => 'Mailman subscribe:G:0',
		'81f5a42091171e4d2535c2e2017c86cf' => 'Mailman subscribe:H:0',
		'a058c24cdd483b89bec6378e23860a59' => 'Mailman subscribe:I:0',
		'c63c0eff8c3453700023877486db5c78' => 'Mailman subscribe:J:0',
		'0e5e456a7e0e0559f614df7b2a5a7c0b' => 'Mailman rmlist 2.1.9-9u:K:0',
		'33eeca7c50d68aec6815306011488ef2' => 'Mailman private 2.1.9-9u:K:0',
		'89fdfc2c01e195ad2b98fa6ac8e23ff8' => 'Mailman listinfo 2.1.9-9u:K:0',
		'710f8365adbd7d8b8dc7fe3a79ced342' => 'Mailman admin 2.1.9-9u:K:0',
		'8b45c9407cbe3e9730234fdb33a3da1e' => 'Mailman edithtml 2.1.9-9u:K:0',
		'68a2ae89dea1030cbf42bdd27d16c020' => 'Mailman create 2.1.9-9u:K:0',
		'a676d5d1a623e0800b34b2462c8911dd' => 'Mailman options 2.1.9-9u:K:0',
		'125329c39a807423e60afeca8bcfd09a' => 'Mailman confirm 2.1.9-9u:K:0',
		'8b15833ff0c3f8b1823ccdd268f7c4b4' => 'Mailman subscribe 2.1.9-9u:K:0',
		'a554b52d2eb591d1b2a90f5841dd9e1e' => 'Mailman admindb 2.1.9-9u:K:0',
		'8103890e88825f38a09326ec3df1e5bc' => 'Mailman roster 2.1.9-9u:K:0'
);

if (!$searchfs) {
    &getconfigfiles($httpdconfig);
    #&printconfigfiles();
    &getcgidirs();
    #&printcgidirs();
    &getdirindex();
    #&statfile($httpdconfig);
}
if ($searchfs) {
    &getsearchindex();
}
if ($reponly) { 
    &printdirindex();
} 
if (!$reponly) { 
    &filecommand();
    &whatperl();
    &whatelf();
    &whatshell();
    &whatother();
    &printresults();
}

sub whatshell() {
foreach $b (@shellfilenames) {
#     print "$b is Bash\n";
    push @VERSIONS, "$b:Bash-Script:unknown:0";
}
}

sub whatother () {
foreach $c (@otherfilenames) {
    if ($c =~ m/\.htaccess/i) {
	open(IN_FILE,"<$c") || die "Cannot open $c for input\n";
	if( grep {/-FrontPage-/} <IN_FILE> ) {
	    push @VERSIONS, "$c:Frontpage .htaccess:unknown:0";
        }
	close IN_FILE;
    } elsif ($c =~ m/\.pm/i) {
	open(IN_FILE,"<$c") || die "Cannot open $c for input\n";
	if( grep {/package/} <IN_FILE> ) {
	    push @VERSIONS, "$c:Perl Package:unknown:0";
	}
	close IN_FILE;
    } elsif ($c =~ m/\.php|\.phtml|\.php3|\.php4/i) {
	open(IN_FILE,"<$c") || die "Cannot open $c for input\n";
#       if ($version = grep { s/.*c99shell.*\s+v.\s+(\d+\W?\d+)\W+.*/$1/i  } <IN_FILE>) {
        if ($versia = grep { s/.*c99shell.*(\d+\.\d+).*/$1/i  } <IN_FILE>) {
	    push @VERSIONS, "$c:c99 PHP Shell:$versia:1";
	}
        if ($versia = grep { s/.*PHPKonsole.*/$1/i  } <IN_FILE>) {
	    push @VERSIONS, "$c:PHP Shell:$versia:1";
	}
        if ($versia = grep { s/.*PHPSHELL.*/$1/i  } <IN_FILE>) {
	    push @VERSIONS, "$c:PHP Shell:$versia:1";
	}
	close IN_FILE;
    } else {
	open(IN_FILE,"<$c") || die "Cannot open $c for input\n";
	if( grep {/\/usr\/local\/bin\/perl/i} <IN_FILE> ) {
	    push @VERSIONS, "$c:Perl File:unknown:0";
	close IN_FILE;
	} 
	else { push @VERSIONS, "$c:Other:unknown:0";
	     }
    }
  }
}

sub whatelf () { 
    foreach $filepath (@elffilenames) {
    $evil=0;
    $id = 0;
	$mdf = md5filecheck($filepath);
	if ($rp = $ident{$mdf}) {
    	$id=1; push @VERSIONS, "$filepath:$rp";
	}
	if ($id != 1) { 
	    $mdnew = md5filecheck($filepath);
	    push @VERSIONS, "$filepath:$mdnew:unknown:1";
	    }
    }
}

sub whatperl() {
    foreach $a (@perlfilenames) {
       open(IN_FILE,"<$a") || die "Cannot open $a for input\n";
       if (@formmail = grep { s/.*FormMail .*\s+Version\s+(\d+\W?\d+)\W+.*/$1/i  } <IN_FILE>) {
       chomp @formmail;
       @formmail = uniq(@formmail);
           foreach $formmailv (@formmail) {
                    if($formmailv < "1.92") {
			$evil = "1";
    		    } else { $evil="0"; }
		    push @VERSIONS, "$a:Matts FormMail.pl:$formmailv:$evil";
           } 
	} else { push @VERSIONS, "$a:Perl-Script:unknown:0"; }
       close IN_FILE;
    }
}

sub getconfigfiles() { 
    open(IN_FILE,"<@_") || die "Cannot open Apache-configfile @_ for input\n";
	@includes = grep{ s/^\s*include\s+//} <IN_FILE>;
    close IN_FILE;
    chomp @includes;
    foreach $line (@includes) {
	$configfiles[$i] = $line;
    $i ++;
    }
$configfiles[$i] = "$httpdconfig";
}

sub getcgidirs() { 
    foreach $line (@configfiles) {
	open(IN_FILE,"<$line") || die "Cannot open Apache-configfile @configfiles for input\n";
	    @scriptalias = grep{ s/^\s*ScriptAlias\s+\S+\s+//} <IN_FILE>;
	close IN_FILE;
	chomp @scriptalias;
        foreach $line (@scriptalias) {
	    $line =~ (s/\"//g);		# No quotation-marks
	    $line =~ (s/\/\//\//g);	# No double slashes
	    $line =~ (s/\s+//g);	# No spaces
	    $scrasize = $#scriptaliases + 1;
	    $scriptaliases[$scrasize+1] = $line;
	}
    }
    @scriptaliases = uniq(@scriptaliases);
    @scriptaliases = sort @scriptaliases;
    splice(@scriptaliases,0,1);		# remove prepending space
} 

sub uniq {
    my %hash = map { ($_,0 ) } @_;
    return keys %hash;
}

sub getdirindex () { 
    foreach $dir (@scriptaliases) {
        opendir(IMD, $dir) || print(STDERR "$! $dir\n");
        @thefiles= readdir(IMD);
        closedir(IMD);
        foreach $filename (@thefiles) {
	    chomp $filename;
	    if (-f "$dir$filename") {
		$fnasize = $#filenames + 1;
		$filenames[$fnasize] = "$dir$filename";
	    } elsif (-d "$dir$filename") {
		$dirsize = $#filenames + 1;
		$dirames[$fnasize] = "$dir$filename";
	    } 
	}
    }
}

sub getsearchindex() {
	setpriority(PRIO_PROCESS,0,19);
	@filenames = File::Find::Rule->file
				->name("*.cgi","*.pl","*.php")
				->in("$searchpath");
}

sub filecommand () {
    my $ft = File::Type->new();
    foreach $filepath (@filenames) {
	$a_prog=0; $a_perl=0; $a_bash=0;
	$filetype = $ft->checktype_filename("$filepath");
	if ($filetype eq "application/x-executable-file")  { $a_prog = 1; }
	elsif ($filetype eq "application/x-perl")  { $a_perl = 1; }
	elsif ($filetype eq "application/x-sh")  { $a_bash = 1; }
	elsif ($filetype eq "application/x-awk")  { $a_awk = 1; }
	elsif ($filetype eq "application/x-sh")  { $a_bash = 1; }
	elsif ($filetype eq "application/x-ms-dos-executable")  { $a_dos = 1; }
	elsif ($filetype eq "text/script")  { $a_script = 1; }
	elsif ($filetype eq "application/octet-stream")  { $a_script = 1; }
	if ($a_prog == 1 ) { 
    	    $elfsize = $#elffilenames + 1;
	    $elffilenames[$elfsize] = "$filepath";
	} elsif ($a_perl == 1 ) { 
	    $perlsize = $#perlfilenames + 1;
	    $perlfilenames[$perlsize] = "$filepath";
	} elsif ($a_bash == 1 ) { 
    	    $shellsize = $#shellfilenames + 1;
	    $shellfilenames[$shellsize] = "$filepath";
        } else {  $othersize = $#otherfilenames + 1;
	    $otherfilenames[$othersize] = "$filepath";
	} 
    }
}    

sub printconfigfiles() {
    foreach $a ( @configfiles ) {
	print "$a\n";
    }
	print "\n";
}

sub printcgidirs() {
    foreach $b (@scriptaliases) {
	print "$b\n";
    }
	print "\n";
} 

sub statfile () { 
foreach $filename (@_) { 
    ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,$atime,$mtime,$ctime,$blksize,$blocks) = stat($filename);
    print "$dev $ino $mode $rdev\n";
    }
}

sub printdirindex() {
    foreach $c (@filenames) {
	        print ("$c");
	print "\n";
    } 
}

sub md5filecheck () {
	open(IN_FILE,"<@_") || die "Cannot open @_ input\n";
	binmode(IN_FILE);
	$md5digest = Digest::MD5->new->addfile(*IN_FILE)->hexdigest , "\n";
	close IN_FILE;
	return $md5digest;
}

sub mailsend() {
        $hostname = `hostname`;
        chomp($hostname);
        foreach (@VERSIONS){
                ($file,$name,$version) = split(":", $_, 4);
                $vulnfiles .= "$file is $name Version $version\n";
        }
        if ($vulnfiles) {
        $subject = "CGIcheck Alert: $hostname has Vulnerable Scripts\n";
        $msg = "The following files are old vulnerable versions of matts formmail.\n \
		These scripts allow spammers to spam through these scripts, \n \
		making your server a open relay.  They need to be be \n \
		upgraded immediatly!!!\n\n";
        open(SENDMAIL,"|/usr/sbin/sendmail -t");
        print SENDMAIL "To: <$admin_email>\n";
        print SENDMAIL "From: FormMailCheck\@$hostname\n";
        print SENDMAIL "Subject: $subject\n\n";
        print SENDMAIL "$msg $vulnfiles";
        close(SENDMAIL);
        }
}

sub printresults {
        foreach (@VERSIONS){
                ($file,$name,$version,$evil) = split(":", $_, 4);
		if (!$unint || $evil) {
			write;
		}
        }
}


__END__

=head1 NAME

cgicheck - Check CGI-path for (insecure) programs

=head1 SYNOPSIS

cgicheck [options] [file ...]

 Options:
   --help help message
   --inputfile
   --outputfile
   --search
   --uninteresting
   --reportonly
   --delevil
   --chmodevil

=head1 OPTIONS

=over 8

=item B<--help>

Print a brief help message and exit.

=item B<--inputfile>

Specify a httpd.conf as inputfile

=item B<--search>

Search the whole filesystem

=item B<--uninteresting>

Skip uninteresting files in the Output

=item B<--reponly>

Only report the programs, don't try to identify 

=item B<--delevil>

Delete known evil and exploitable scripts 

=item B<--chmodevil>

inhibit execution of known evil and exploitable scripts by chmod 000

=item B<--quiet>

Suppress header in output.

=back

=head1 DESCRIPTION

B<This program> will read a given httpd configuration file, extract all CGI-paths
and will identify and fingerprint all CGI-scripts found in these paths. Alternatively
it will search whole filesystems for CGI-scripts. 

=cut