`` $ cd /var/www/cgi-bin/
$ vim shell ``
#!/bin/sh alias urldecode='sed "s@+@ @g;s@%@\\\\x@g" | xargs -0 printf "%b"' echo -e "Content-type: text/plain\n" decoded_str=`echo $QUERY_STRING | urldecode` echo -e "`$decoded_str` \n"测试:在浏览器中输入http://127.0.0.1/cgi-bin/shell?pwd,即可列出目录
提供web接口`` $ cd /var/www/html
$ vim index.html ``
<html> <head> <script> function httpGet(url) { var xmlHttp = new XMLHttpRequest(); xmlHttp.open("GET", url, false); // false: wait respond xmlHttp.send(null); return xmlHttp.responseText; } function f() { var url = "http://127.0.0.1/cgi-bin/shell?"+ document.getElementById('in').value; document.getElementById('out').innerHTML = httpGet(url); } </script> </head> <body> <span>command: </span> <input id='in'></input> <button onclick='f()'>send</button> <br/> <pre id='out'></pre> </body> </html>注意修改代码中ip,更改为服务器ip或域名
效果图如图所示
cgi-bin目录执行shell脚本格式
#!/bin/sh printf "Content-Type: text/plain\n\n" your_commands_here安全性优化 限制用户访问cgi-bin目录,修改/etc/httpd/conf/httpd.conf
<Directory "/var/www/cgi-bin"> AllowOverride None Options None Require all granted Deny From all Allow From 127.0.0.1 your-ip-address 配置http页面账号密码访问,也可实现安全性 弊端 无法执行复杂的脚本命令,如带有" |等特殊符号的命令无法执行,如yum、top命令执行结果不完整、仅适用于简单带输出脚本命令,脚本运行账号为apache转载博客园:Mr黄瑞
