PHP system() function - does it use a shell to execute the command?

I read the related post and got the impression that the system() function in PHP does not use a shell. But then I saw the following example posted on OWASP - Example 6 on the page:

The following PHP code snippet is vulnerable to a command injection attack:

<?php
print("Please specify the name of the file to delete");
print("<p>");
$file=$_GET['filename'];
system("rm $file");
?>

The following request and response is an example of a successful attack:

Request

http://127.0.0.1/delete.php?filename=bob.txt;id

Response

Please specify the name of the file to delete

uid=33(www-data) gid=33(www-data) groups=33(www-data) 

Without a shell, why would system() fall for a semicolon, or is the semicolon handled by the implementation of the system() function in PHP?

+4
2 answers

It uses a shell. I did not see any answer in the question you linked to that said it does not.

:

system() , C , .

C , PHP.

, C - , PHP .

+4

, :

echo system("echo $0");
+2
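
A hardened take on the delete.php snippet from the question, added here as an example and not part of the original post or the OWASP page. UPLOAD_DIR, shell_command_for() and delete_upload() are hypothetical names, and a POSIX shell is assumed. It shows the `;id` input reduced to a single quoted argument, and the same deletion done with unlink() so that no shell is involved.

```php
<?php
// Added example: hardened variants of the delete.php handler from the question.
// UPLOAD_DIR is a hypothetical location; the page does not name one.
const UPLOAD_DIR = '/var/www/uploads';

// system() passes its string to the shell, which is why "bob.txt;id"
// is split into two commands. escapeshellarg() single-quotes the value,
// so the shell receives it as one literal argument.
function shell_command_for(string $file): string
{
    // "--" stops rm from reading a leading "-" in the name as an option.
    return 'rm -- ' . escapeshellarg($file);
}

// Preferred fix: do not start a shell at all. Restrict the name to one
// directory and delete it with PHP's own unlink().
function delete_upload(string $file): bool
{
    // basename() drops any directory component, which blocks ../ traversal.
    $name = basename($file);
    if ($name === '' || $name === '.' || $name === '..') {
        return false;
    }

    $path = UPLOAD_DIR . DIRECTORY_SEPARATOR . $name;

    // Only regular files that actually exist are eligible for deletion.
    if (!is_file($path)) {
        return false;
    }

    return unlink($path);
}

// Constructed sample input, matching the request shown in the question.
$input = 'bob.txt;id';

// The metacharacter is now inside quotes and has no special meaning.
echo shell_command_for($input), PHP_EOL;

// No file with that literal name exists, so nothing is deleted and
// no second command can run because no shell is ever started.
var_dump(delete_upload($input));
```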

Source: https://habr.com/ru/post/1606439/