Convert a string to a command to run on the server
1. Install libraries in batches and execute multiple commands
import os
libs = {"numpy","matplotlib","pillow","sklearn","requests","jieba","beautifulsoup4","wheel","networkx","sympy","pyinstaller","django","flask","werbot","pyQt5","pandas","pyopengl","pypdf2","docopt","pygame"}
try:
for lib in libs:
os.system("pip install "+lib)
print("Successful")
except:
print("Failed Somehow")
##使用system执行多条命令
##为了保证system执行多条命令可以成功,多条命令需要在同一个子进程中运行;
import os
os.system('cd /usr/local && mkdir aaa.txt')
# 或者
os.system('cd /usr/local ; mkdir aaa.txt')
2. Pay attention to the filter command
If it is not filtered, it will be a time bomb, leaving a loophole in command execution. Hackers can completely construct commands to carry out command injection attacks on the server, and then use some commands to achieve remote control or remote control.