Command Injection Proof of Concept

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen

PHP Code

<!DOCTYPE html>
<html>
        <body>
                <h2>PING</h2>
                <form method="post">
                  <label for="fname">IP</label><br>
                  <input type="text" name="ip"><br>
                  <input type="submit" name="submit" value="submit">
                </form>
                <br>
<?php
  if(isset($_POST['submit'])){
    $ip = $_POST['ip'];
    $cmd = 'ping -c 4 ' . $ip;
    $output = shell_exec($cmd);
     echo "<pre> $output<nowiki>

</nowiki>"; 

 }

?> 

       </body>

</html>

Abgerufen von „http://wiki.ixheim.de/index.php?title=Command_Injection_Proof_of_Concept&oldid=25128