Command Injection Projekt: Unterschied zwischen den Versionen

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen
 
(10 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt)
Zeile 6: Zeile 6:
 
*echo "<?php phpinfo(); ?>" | sudo tee /var/www/html/info.php
 
*echo "<?php phpinfo(); ?>" | sudo tee /var/www/html/info.php
 
*curl https://SEITENNAME/info.php
 
*curl https://SEITENNAME/info.php
 +
=Beispiele=
 +
 +
==ping.php==
 +
<syntaxhighlight lang="html">
 +
<!DOCTYPE html>
 +
<html>
 +
<body>
 +
<h2>PING</h2>
 +
<form method="post">
 +
<label for="ip">IP-Adresse:</label><br>
 +
<input type="text" name="ip"><br>
 +
<input type="submit" name="submit" value="Ping">
 +
</form>
 +
<br>
 +
<?php
 +
if (isset($_POST['submit'])) {
 +
    $ip = $_POST['ip'];
 +
    $cmd = 'ping -c 4 ' . $ip;
 +
    $output = shell_exec($cmd);
 +
    echo "<pre>$output</pre>";
 +
}
 +
?>
 +
</body>
 +
</html>
 +
</syntaxhighlight>
 +
 +
==traceroute.php==
 +
<syntaxhighlight lang="html">
 +
<!DOCTYPE html>
 +
<html>
 +
<body>
 +
<h2>Traceroute</h2>
 +
<form method="post">
 +
<label for="host">Hostname oder IP:</label><br>
 +
<input type="text" name="host"><br>
 +
<input type="submit" name="submit" value="Traceroute">
 +
</form>
 +
<br>
 +
<?php
 +
if (isset($_POST['submit'])) {
 +
    $host = $_POST['host'];
 +
    $cmd = 'traceroute ' . $host;
 +
    $output = shell_exec($cmd);
 +
    echo "<pre>$output</pre>";
 +
}
 +
?>
 +
</body>
 +
</html>
 +
</syntaxhighlight>
 +
 +
==nslookup.php==
 +
<syntaxhighlight lang="html">
 +
<!DOCTYPE html>
 +
<html>
 +
<body>
 +
<h2>NSLookup</h2>
 +
<form method="post">
 +
<label for="domain">Domain:</label><br>
 +
<input type="text" name="domain"><br>
 +
<input type="submit" name="submit" value="Lookup">
 +
</form>
 +
<br>
 +
<?php
 +
if (isset($_POST['submit'])) {
 +
    $domain = $_POST['domain'];
 +
    $cmd = 'nslookup ' . $domain;
 +
    $output = shell_exec($cmd);
 +
    echo "<pre>$output</pre>";
 +
}
 +
?>
 +
</body>
 +
</html>
 +
</syntaxhighlight>
 +
 +
==ss.php==
 +
<syntaxhighlight lang="html">
 +
<!DOCTYPE html>
 +
<html>
 +
<body>
 +
<h2>Netstat mit Filter</h2>
 +
<form method="post">
 +
<label for="filter">Filter (z.B. :80 oder ESTABLISHED):</label><br>
 +
<input type="text" name="filter"><br>
 +
<input type="submit" name="submit" value="Anzeigen">
 +
</form>
 +
<br>
 +
<?php
 +
if (isset($_POST['submit'])) {
 +
    $filter = $_POST['filter'];
 +
    $cmd = 'ss -tunap | grep ' . $filter;
 +
    $output = shell_exec($cmd);
 +
    echo "<pre>$output</pre>";
 +
}
 +
?>
 +
</body>
 +
</html>
 +
</syntaxhighlight>
 +
 +
==whois.php==
 +
<syntaxhighlight lang="html">
 +
<!DOCTYPE html>
 +
<html>
 +
<body>
 +
<h2>WHOIS-Abfrage</h2>
 +
<form method="post">
 +
<label for="domain">Domain:</label><br>
 +
<input type="text" name="domain"><br>
 +
<input type="submit" name="submit" value="WHOIS">
 +
</form>
 +
<br>
 +
<?php
 +
if (isset($_POST['submit'])) {
 +
    $domain = $_POST['domain'];
 +
    $cmd = 'whois ' . $domain;
 +
    $output = shell_exec($cmd);
 +
    echo "<pre>$output</pre>";
 +
}
 +
?>
 +
</body>
 +
</html>
 +
</syntaxhighlight>
 +
[[Kategorie:Security-Demo]]
 +
[[Kategorie:Command Injection]]
 +
[[Kategorie:Netzwerktools]]
 +
[[Kategorie:PHP Beispiele]]
 +
[[Kategorie:Schulungsunterlagen]]
 +
[[Kategorie:Cybersecurity‏‎]]
 +
[[Kategorie:Hacking‏‎]]

Aktuelle Version vom 27. April 2025, 17:11 Uhr

Installation

  • sudo apt update
  • sudo apt install apache2 php libapache2-mod-php
  • sudo systemctl restart apache2

Test

Beispiele

ping.php

<!DOCTYPE html>
<html>
<body>
<h2>PING</h2>
<form method="post">
<label for="ip">IP-Adresse:</label><br>
<input type="text" name="ip"><br>
<input type="submit" name="submit" value="Ping">
</form>
<br>
<?php
if (isset($_POST['submit'])) {
    $ip = $_POST['ip'];
    $cmd = 'ping -c 4 ' . $ip;
    $output = shell_exec($cmd);
    echo "<pre>$output</pre>";
}
?>
</body>
</html>

traceroute.php

<!DOCTYPE html>
<html>
<body>
<h2>Traceroute</h2>
<form method="post">
<label for="host">Hostname oder IP:</label><br>
<input type="text" name="host"><br>
<input type="submit" name="submit" value="Traceroute">
</form>
<br>
<?php
if (isset($_POST['submit'])) {
    $host = $_POST['host'];
    $cmd = 'traceroute ' . $host;
    $output = shell_exec($cmd);
    echo "<pre>$output</pre>";
}
?>
</body>
</html>

nslookup.php

<!DOCTYPE html>
<html>
<body>
<h2>NSLookup</h2>
<form method="post">
<label for="domain">Domain:</label><br>
<input type="text" name="domain"><br>
<input type="submit" name="submit" value="Lookup">
</form>
<br>
<?php
if (isset($_POST['submit'])) {
    $domain = $_POST['domain'];
    $cmd = 'nslookup ' . $domain;
    $output = shell_exec($cmd);
    echo "<pre>$output</pre>";
}
?>
</body>
</html>

ss.php

<!DOCTYPE html>
<html>
<body>
<h2>Netstat mit Filter</h2>
<form method="post">
<label for="filter">Filter (z.B. :80 oder ESTABLISHED):</label><br>
<input type="text" name="filter"><br>
<input type="submit" name="submit" value="Anzeigen">
</form>
<br>
<?php
if (isset($_POST['submit'])) {
    $filter = $_POST['filter'];
    $cmd = 'ss -tunap | grep ' . $filter;
    $output = shell_exec($cmd);
    echo "<pre>$output</pre>";
}
?>
</body>
</html>

whois.php

<!DOCTYPE html>
<html>
<body>
<h2>WHOIS-Abfrage</h2>
<form method="post">
<label for="domain">Domain:</label><br>
<input type="text" name="domain"><br>
<input type="submit" name="submit" value="WHOIS">
</form>
<br>
<?php
if (isset($_POST['submit'])) {
    $domain = $_POST['domain'];
    $cmd = 'whois ' . $domain;
    $output = shell_exec($cmd);
    echo "<pre>$output</pre>";
}
?>
</body>
</html>
Abgerufen von „http://wiki.ixheim.de/index.php?title=Command_Injection_Projekt&oldid=62315