cgi-bin

	cgi-bin
advICE :Exploits :Web : cgi-bin

/cgi-bin is the directory where most "CGI (Common Gateway Interface)" scripts reside. CGI is a standard that allows the web-server to execute a separate program in order to generate content. For example, the URL http://www.example.com/cgi-bin/homepage.pl?user=rob runs the program "homepage.pl" in order to generate content specific to the user "rob".
All "interactive" web sites, as well as e-commerce sites, use some form of scripting to produce their output. Many of these are written specifically for each web site, or by people who then give them away. While the chance is low that any particular script can be exploited by a hacker, the huge diversity in scripts means that thousands of them are out there that can be exploited.

Securing your CGI scripts against hacker invasion-CGI scripts have been known to leak -- don't let hackers exploit this well-known window of opportunity
1998-05-25 CGI vulnerabilities that leave back doors open still plague Web sites
The World Wide Web Security FAQ-Includes a section onf CGI scripts.
The Common Gateway Interface-The "homepage" for CGI.

RESOURCES

Books
FAQs
Intro
News
Lists
Notes

SEARCH