docker-vulnerable-dvwa/dvwa/vulnerabilities/exec/source/high.php

<?php

if( isset( $_POST[ 'Submit' ]  ) ) {
	// Get input
	$target = trim($_REQUEST[ 'ip' ]);

	// Set blacklist
	$substitutions = array(
		'&'  => '',
		';'  => '',
		'| ' => '',
		'-'  => '',
		'$'  => '',
		'('  => '',
		')'  => '',
		'`'  => '',
		'||' => '',
	);

	// Remove any of the charactars in the array (blacklist).
	$target = str_replace( array_keys( $substitutions ), $substitutions, $target );

	// Determine OS and execute the ping command.
	if( stristr( php_uname( 's' ), 'Windows NT' ) ) {
		// Windows
		$cmd = shell_exec( 'ping  ' . $target );
	}
	else {
		// *nix
		$cmd = shell_exec( 'ping  -c 4 ' . $target );
	}

	// Feedback for the end user
	$html .= "<pre>{$cmd}</pre>";
}

?>
first commit 2016-12-02 19:19:11 +00:00			`<?php`

			`if( isset( $_POST[ 'Submit' ] ) ) {`
			`// Get input`
			`$target = trim($_REQUEST[ 'ip' ]);`

			`// Set blacklist`
			`$substitutions = array(`
			`'&' => '',`
			`';' => '',`
			`'\| ' => '',`
			`'-' => '',`
			`'$' => '',`
			`'(' => '',`
			`')' => '',`
			'`' => '',
			`'\|\|' => '',`
			`);`

			`// Remove any of the charactars in the array (blacklist).`
			`$target = str_replace( array_keys( $substitutions ), $substitutions, $target );`

			`// Determine OS and execute the ping command.`
			`if( stristr( php_uname( 's' ), 'Windows NT' ) ) {`
			`// Windows`
			`$cmd = shell_exec( 'ping ' . $target );`
			`}`
			`else {`
			`// *nix`
			`$cmd = shell_exec( 'ping -c 4 ' . $target );`
			`}`

			`// Feedback for the end user`
			`$html .= "<pre>{$cmd}</pre>";`
			`}`

			`?>`