This table provides a handy list of techniques that can be used for remote command execution, by language.
Table C-1. Remote Command Execution Cheat Sheet

Web Application Environment | Source Code | Additional Information |
--- | --- | --- |
Java Servlet | `class Example extends HttpServlet { . . . void function() { Runtime r = Runtime.getRuntime(); Process p = r.exec(new String[] { "<command>", <arguments> }); } . . . }` | http://java.sun.com/j2se/1.4/docs/api/java/lang/Runtime.html |
Java Server Pages (JSP) | `<% Runtime r = Runtime.getRuntime(); Process p = r.exec(new String[] { "<command>", <arguments> }); %>` | http://java.sun.com/j2se/1.4/docs/api/java/lang/Runtime.html |
Active Server Pages (ASP) | If Windows Script Host is installed on the target system: `<% Set wsh = Server.CreateObject("WScript.Shell") : wsh.Run "<command>" %>` | http://msdn.microsoft.com/library/default.asp?url=/library/en-us/script56/html/wsMthRun.asp |
Perl | In Perl, commands are executed by wrapping them in backticks (`` ` ``): ``$result = `<command>`;`` or `system("<command>");` or `open(IN, "<command> \|");` | http://www.perldoc.com/perl5.6/pod/perlfunc.html |
PHP | `<?php system("<command>"); ?>` or `<?php shell_exec("<command>"); ?>` | http://www.php.net/manual/en/function.shell-exec.php |
MS SQL | `EXEC master..xp_cmdshell '<command>'` | |
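
For code review, the sinks in Table C-1 double as an audit checklist. The Python sketch below is an added example, not part of the original table: it flags those calls in source files so a reviewer can check where their arguments come from. The file names, the extension mapping and the sample sources are constructed for illustration, and the regexes are line-based heuristics that produce candidates for manual review.

```python
import re
from pathlib import PurePath

# Command-execution sinks listed in Table C-1, grouped by the file types
# they usually appear in (the extension mapping is an assumption).
SINKS = {
    (".java", ".jsp"): [("Runtime.exec", r"\bgetRuntime\s*\(\s*\)|\.exec\s*\(")],
    (".asp",): [("WScript.Shell", r'(?i)CreateObject\s*\(\s*"wscript\.shell"')],
    (".pl", ".cgi"): [
        ("system()", r"\bsystem\s*\("),
        ("backticks", r"`[^`]+`"),
        ("piped open()", r'\bopen\s*\(.*\|\s*["\']\s*\)'),
    ],
    (".php",): [("system()/shell_exec()", r"\b(?:system|shell_exec)\s*\(")],
    (".sql",): [("xp_cmdshell", r"(?i)\bxp_cmdshell\b")],
}

def scan(filename, text):
    """Return [(line_number, sink_name)] for each Table C-1 sink found in one file."""
    ext = PurePath(filename).suffix.lower()
    findings = []
    for exts, patterns in SINKS.items():
        if ext not in exts:
            continue  # only apply the patterns for this file's language
        for lineno, line in enumerate(text.splitlines(), 1):
            for name, pattern in patterns:
                if re.search(pattern, line):
                    findings.append((lineno, name))
    return findings

def audit(sources):
    """Scan a {filename: text} mapping and keep only the files with findings."""
    report = {name: scan(name, text) for name, text in sources.items()}
    return {name: hits for name, hits in report.items() if hits}

# Constructed sample sources (not taken from any real application).
SAMPLES = {
    "report.jsp": '<%\nString host = request.getParameter("host");\n'
                  'Runtime r = Runtime.getRuntime();\nProcess p = r.exec("ping " + host);\n%>',
    "lookup.pl": 'my $out = `nslookup $name`;\nopen(IN, "ls $dir |");\nprint "system is up";\n',
    "page.php": '<?php echo htmlspecialchars($_GET["q"]); ?>',
    "job.sql": "EXEC master..xp_cmdshell 'dir'",
}

if __name__ == "__main__":
    for name, hits in audit(SAMPLES).items():
        for lineno, sink in hits:
            print(f"{name}:{lineno}: {sink}")
```

Each finding is a place to confirm that no request-controlled data reaches the command string, or to replace the call with an API that does not invoke a shell.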