I'm trying to make a simple page command execution vulnerability... This is my code:
system($_GET['cmd']);
It is working fine, like this : http://example/index.php?cmd=ls
The problem is I want make this little code to work with any parameter and any method (GET or POST)
For example, if any parameter is used then it will still pass through the system method, ie: "?hello=ls". (I did not know they where to use hello
as the key. Any ideas?