Command Injection Proof of Concept

From Xinux Wiki

PHP Code

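<!DOCTYPE html>
<html>
  <body>
    PING
    <form method="post">
      <label for="ip">IP</label>
      <input type="text" id="ip" name="ip">
      <input type="submit" name="submit" value="submit">
    </form>
<?php
// Deliberately vulnerable: the "ip" POST parameter is concatenated
// into a shell command without any validation or quoting.
if (isset($_POST['submit'])) {
    $ip = $_POST['ip'];
    $cmd = 'ping -c 4 ' . $ip;
    // shell_exec() hands the whole string to the shell for interpretation.
    $output = shell_exec($cmd);
    // The command output is written into the page unescaped.
    echo "<pre>$output</pre>";
}
?>
  </body>
</html>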
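For comparison with the vulnerable handler above, a hardened version of the same ping logic, as an added example that is not part of the original wiki page. The function names `build_ping_command` and `run_ping` and the sample inputs are hypothetical; the loop at the end only builds command strings and executes nothing.

```php
<?php
declare(strict_types=1);

/**
 * Hypothetical helper (not from the wiki page): returns a safe ping command
 * for a literal IPv4/IPv6 address, or null if the input is anything else.
 */
function build_ping_command(string $input): ?string
{
    // Allow-list: accept only a syntactically valid IP address.
    // Shell metacharacters, option-like strings and hostnames all fail here.
    $ip = filter_var(trim($input), FILTER_VALIDATE_IP);
    if ($ip === false) {
        return null;
    }
    // Defence in depth: quote the argument even though it is already validated.
    return 'ping -c 4 ' . escapeshellarg($ip);
}

/** Runs the command and returns HTML-escaped output for embedding in the page. */
function run_ping(string $input): string
{
    $cmd = build_ping_command($input);
    if ($cmd === null) {
        return 'Invalid IP address.';
    }
    $output = shell_exec($cmd);
    // Encode the result so command output cannot inject markup into the page.
    return htmlspecialchars((string) $output, ENT_QUOTES, 'UTF-8');
}

// Constructed sample inputs: two valid addresses and three that must be rejected.
$samples = [
    '192.0.2.10',
    '2001:db8::1',
    '192.0.2.10; echo INJECTED',
    '-v 192.0.2.10',
    'example.org',
];
foreach ($samples as $sample) {
    $cmd = build_ping_command($sample);
    printf("%-30s => %s\n", var_export($sample, true), $cmd ?? 'rejected');
}
```

In the page handler, `echo '<pre>' . run_ping($_POST['ip']) . '</pre>';` would replace the three vulnerable lines.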