$out = `ls -la`; echo '<pre>'.$out.'</pre>';
输出结果:
total 10 drwxrwxrwx 1 root root 4096 Apr 7 15:42 . drwxrwxrwx 1 root root 4096 Apr 7 14:48 .. -rwxrwxrwx 1 root root 174 Apr 7 14:52 .buildpath -rwxrwxrwx 1 root root 514 Apr 7 14:52 .project drwxrwxrwx 1 root root 0 Apr 7 14:52 .settings -rwxrwxrwx 1 root root 236 Apr 8 23:29 index.php
利用PHP的操作符 查询nginx 是否启动
$out = `ps -ef|grep nginx`; echo '<pre>'.$out.'</pre>';
root 2536 1 0 22:05 ? 00:00:00 nginx: master process nginx www 2565 2536 0 22:08 ? 00:00:00 nginx: worker process www 3312 2624 0 23:32 ? 00:00:00 sh -c ps -ef|grep nginx www 3314 3312 0 23:32 ? 00:00:00 grep nginx
也就是说;php可以执行任何shell脚本!