Using shell scripts for CGI in lighttpd

I needed to do some fuzzing experiments on a web browser, and decided that a shell script and a webserver was all I needed to do that. This is how to use shell scripts for cgi, this is not about the fuzzing proccess.

First, I installed lighttpd and enabled the cgi module:

sudo apt-get install lighttpd
sudo lighty-enable-mod cgi

Then, a handler should be configured inĀ /etc/lighttpd/conf-enabled/10-cgi.conf, like this:

$HTTP["remoteip"] =~ "" {     
  alias.url += ( "/cgi-bin/" => "/usr/lib/cgi-bin/" )
  $HTTP["url"] =~ "^/cgi-bin/" {
    cgi.assign = ( ".sh" => "/bin/sh" )

Now, make the server reload the config file using

sudo /etc/init.d/lighttpd reload

And here is a simple shell script. Place the shellscript in /usr/lib/cgi-bin/ and remember to set the right permissions for the file.

cat << EOF
Content-Type: text/html

<title>cgi shell scripting example\</title>  
<h1>Stats for this computer</h1>  
echo Date: $(date) "<br />"  
echo Uptime: $(uptime) "<br />"  
cat << EOF  

Notice the extra newline between Content-Type: text/html and the actual webpage.

Navigate to to see the script in action.

Written by Jannich Brendle ons 26 august 2009 In How to

tags: cgidevelopmentlighttpd

Related posts