
How can I inject a shell command into the code below?

```php
<?php 
  if (isset($_POST['search'])) {
    $res = trim(shell_exec("findstr /l /m /s \"" . $_POST['search'] . "\" archive\\*"));
    if ($res) {
      echo "<center>
```
  • Is this homework? – Esa Jokinen Jun 20 '21 at 06:29
  • Seems to me that you could **pipe a command** after `findstr`, then a pound (#) to comment the rest of the line (the archive part). So the whole line remains syntactically correct and will execute normally. – Kate Jun 20 '21 at 18:34
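
The `shell_exec()` call in the question concatenates `$_POST['search']` into a command line, so the request body is parsed by the shell. As an added example (not the poster's code), the same literal, recursive, file-name-only search that `findstr /l /m /s` performs can be done in PHP with no shell involved; the function name `search_archive`, the length and size limits, and the location of the `archive` directory next to the script are assumptions.

```php
<?php
// Added example, not the original poster's code. Assumes an "archive"
// directory next to this script, as in the question's findstr call.

/**
 * Return relative paths of files under $root whose contents contain $needle
 * as a literal, case-sensitive substring (what findstr /l /m /s reports).
 * The search term is only ever compared as data; no process is spawned.
 */
function search_archive(string $root, string $needle, int $maxBytes = 5242880): array
{
    $matches = [];
    if ($needle === '' || strlen($needle) > 256) {
        return $matches;                 // reject empty or oversized terms
    }
    $base = realpath($root);
    if ($base === false || !is_dir($base)) {
        return $matches;                 // archive directory missing
    }
    $it = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($base, FilesystemIterator::SKIP_DOTS)
    );
    foreach ($it as $file) {
        // Skip links and very large files to bound work per request.
        if (!$file->isFile() || $file->isLink() || $file->getSize() > $maxBytes) {
            continue;
        }
        $data = file_get_contents($file->getPathname());
        if ($data !== false && strpos($data, $needle) !== false) {
            $matches[] = substr($file->getPathname(), strlen($base) + 1);
        }
    }
    sort($matches);
    return $matches;
}

if (isset($_POST['search']) && is_string($_POST['search'])) {
    foreach (search_archive(__DIR__ . '/archive', $_POST['search']) as $path) {
        // Encode on output: file names are untrusted data as well.
        echo htmlspecialchars($path, ENT_QUOTES, 'UTF-8'), "<br>\n";
    }
}
```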

0 Answers