Appendix C. Remote Command Execution Cheat Sheet
This table provides a handy list of techniques that can be used for remote command execution, by language.
Table C-1. Remote Command Execution Cheat Sheet
Web Application Environment | Source Code | Additional Information |
---|---|---|
Java Servlet | class Example extends HTTPServlet { . . . void function() { Runtime r = Runtime.getRuntime(); Process p = r.exec("<command>", <arguments>); } . . . } | http://java.sun.com/j2se/1.4/docs/api/java/lang/Runtime.html |
Java Server Pages (JSP) | <% Runtime r = Runtime.getRuntime(); Process p = r.exec("<command>", <arguments>); %> | http://java.sun.com/j2se/1.4/docs/api/java/lang/Runtime.html |
Active Server Pages (ASP) | If Windows Scripting Host is installed on the target system: ... |
Get Web Hacking: Attacks and Defense now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.