Command Injection Proof of Concept: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 16: | Zeile 16: | ||
$cmd = 'ping -c 4 ' . $ip; | $cmd = 'ping -c 4 ' . $ip; | ||
$output = shell_exec($cmd); | $output = shell_exec($cmd); | ||
| − | + | echo "<nowiki><pre></nowiki> $output<nowiki></pre></nowiki>"; | |
} | } | ||
?> | ?> | ||
Version vom 27. Juni 2021, 15:59 Uhr
PHP Code
<!DOCTYPE html>
<html>
<body>
<h2>PING</h2>
<form method="post">
<label for="fname">IP</label><br>
<input type="text" name="ip"><br>
<input type="submit" name="submit" value="submit">
</form>
<br>
<?php
if(isset($_POST['submit'])){
$ip = $_POST['ip'];
$cmd = 'ping -c 4 ' . $ip;
$output = shell_exec($cmd);
echo "<pre> $output<nowiki></nowiki>";
}
?>
</body>
</html>