
160 Chapter 4 • Vulnerable CGI Scripts
you the ability to specify a different name for these directories. For
example, you could specify that CGI scripts and programs are contained
in a directory named CGI, PROGS, or any other name you choose. If a
hacker who exploits CGI vulnerabilities goes to your site, he or she will
find that a CGI-BIN directory isn’t there.The hacker may feel it’s easier
to move on to another site that does have a CGI-BIN, and leave you
alone. Moreover, as mentioned earlier, most hacking tools that look for
CGI vulnerabilities will only look in the CGI-BIN. Since this directory
doesn’t exist, these tools will either show that no ...