Pixel2Life Forum > MSDOS Commands

Pixel2Life Forum > Member Tutorials and Requests > Forum Tutorial Archives > PHP Tutorials

cigraphics

Jun 1 2006, 09:45 AM

This script is for msdos commands i've made it for my webserver

CODE

<html>
<head>
<title>Command</title>
<style type="text/css">
.area {
width:100%;
height:90%;
}
</style>
</head>
<body>
<textarea class="area" readonly="readonly">
<?php
if($sys == NULL){} else {
$cmd = system($sys);
echo $cmd;
}
?>
</textarea>
<form method="post">
<input type="text" name="sys" />
<input type="submit" value="Command" />
</form>
</body>
</html>

you can try commands like ping, arp, del, mkdir, ....etc

Indigo

Jun 1 2006, 02:21 PM

This is more like a script than a tutorial, ain't it?
So if I insert in the form "shutdown -s" it'll do that to my computer? Or my server?
Anyway, thanks for sharing.

Matthew.

Jun 2 2006, 05:52 PM

This is a tad silly, unless your host is completly brainless, you will be very limited to what you can do with system().

indigo, it wouldnt do either

shutdown wouldnt work on the server.

cigraphics

Jun 16 2006, 11:07 AM

it will work on a windows server

with apache not with iis or you can try other commands on linux line w, uname -a, or in windows ping, arp, ..etc

coldkill

Jun 19 2006, 05:49 PM

Instead of making the parser work harder with

CODE

if( $sys == NULL )
{

}
else
{
$cmd = system($sys);
echo $cmd;
}

you can use

CODE

if( $sys != NULL )
{
$cmd = system($sys);
echo $cmd;
}

which is alot simpler, clearer and it saves resources if even only a fraction.

Also i doubt, unless you have a Dedicated or Virutal Private Server your username will have access to shut the server down. Imagine the amount of support tickets when, potentially, hundreds of users sites go down? Your host wouldn't be happy.

Matthew.

Jun 20 2006, 07:56 AM

edit:n/m

makavelimx

Jun 21 2006, 12:14 AM

QUOTE(cigraphics @ Jun 16 2006, 12:06 PM)

it will work on a windows server

with apache not with iis or you can try other commands on linux line w, uname -a, or in windows ping, arp, ..etc

Wrong, shutdown -s will NOT work on Apache on windows, it also doesn'tw ork on IIS

ping, ipconfig, etc works but obviously not shutdown, its too big of a security risk

Oh yea, shells like wget won't work either

O yea, fyi, I tried all the stuff I claimed

Hit3k

Jul 13 2006, 06:00 AM

If its a dedicated server you can do some pretty malicious shit..(Excuse the language) but this script also has a bit of a security risk...
FOR EXAMPLE

CODE

$cmd = cat /etc/passwd;
$sys = system($cmd);
echo $sys;

I've tried it on my server.. I should try it on my host.. but I'm sure someone can correct me if I'm wrong

btw I'm running Linux..

cigraphics

Dec 15 2006, 06:20 AM

CODE

I tried it with apache2triad and shutdown -s -t 0 works fine and all other msdos commands with Windows XP Service Pack 2

Archbob

Dec 15 2006, 10:55 AM

I've tried running stringed Unix commands with system and exec, trust me, its a nightmare.

Jynxis

Dec 21 2006, 04:29 AM

lol, in the wrong hands, this information is dangerous.

Ultimate`

Jan 9 2008, 02:09 AM

Haha! that's pretty awesome I think!

Mr. Matt

Jan 21 2008, 07:31 AM

A few pointers for this, register globals would have to be on for this to work, otherwise you would need to do $sys = $_POST['sys'], or just use the $_POST['sys'].

Also to reduce the security risk, have an array of safe commands to run, do a check to see if the command that is trying to be run is within that array, if it is, run it, if it isn't, kill the script.

Matt

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.