mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-09 19:45:13 +02:00
13 lines
385 B
PHP
13 lines
385 B
PHP
<?php
|
|
// Command injection — positive fixture.
|
|
// Vulnerable: passes user input directly to shell_exec.
|
|
// Entry: runPing($host) Cap: CODE_EXEC
|
|
// Expected verdict: Confirmed ("; echo NYX_PWN_CMDI" echoes the marker)
|
|
|
|
function runPing($host) {
|
|
echo "__NYX_SINK_HIT__\n";
|
|
$output = shell_exec('echo hello ' . $host);
|
|
if ($output !== null) {
|
|
echo $output;
|
|
}
|
|
}
|