Command Injection Proof of Concept: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 1: | Zeile 1: | ||
| + | <<nowiki />pre> → <pre> | ||
| + | |||
=PHP Code= | =PHP Code= | ||
<pre> | <pre> | ||
Version vom 27. Juni 2021, 16:09 Uhr
<pre> →
=PHP Code=
<pre>
<!DOCTYPE html>
<html>
<body>
<h2>PING</h2>
<form method="post">
<label for="fname">IP</label><br>
<input type="text" name="ip"><br>
<input type="submit" name="submit" value="submit">
</form>
<br>
<?php
if(isset($_POST['submit'])){
$ip = $_POST['ip'];
$cmd = 'ping -c 4 ' . $ip;
$output = shell_exec($cmd);
echo <<nowiki />pre> $output<<nowiki />/pre> ";
}
?>
</body>
</html>
</code>