I am trying to convert a working bash script into PHP code.
#!/bin/bash
phonenumber="$1"
message="$2"
# check the args...
# double quotes inside $message must be escaped. Also prevents code injection.
message=${message//\"/\\\"}
adb shell "am startservice --user 0 -n com.android.shellms/.sendSMS -e \"contact\" $phonenumber -e msg \"$message\""
The code above works.
In PHP, next code doesn't work when the messages includes a new line:
function sendsms ($m, $to, $n) {
echo "About to sent an sms to $to [$n]\n";
// escape some chars in $m
$m = addslashes($m);
adb_shell_exec ("am startservice --user 0 -n com.android.shellms/.sendSMS -e contact \"$to\" -e msg \"$m\"");
}
function adb_shell_exec ($s) {
shell_exec("adb shell " . addslashes ($s));
}
I get the message error:
$ php -r "require 'sim-android-v8.php'; sendsms('Message with one double \" quote final solution
and new line','+32*******31','Pierre François');"
About to sent an sms to +32*******31 [Pierre François]
/system/bin/sh: no closing quote
sh: 2: and: not found
I don't understand why it works in bash but not in PHP.
Same bash script
function sendsms ($m, $to, $n) {
echo "About to sent an sms to $to [$n]\n";
$m = escapeshellarg(addslashes($m)); // use escape for shell
$to = escapeshellarg($to);
// double quotes around command for sub shell
shell_exec('adb shell "am startservice --user 0 -n com.android.shellms/.sendSMS -e contact '.$to.' -e msg '.$m.'"');
}
Thanks to FAEWZX, I discovered the proper use of the function escapeshellarg(). The answer he gave above is working in most of the cases, but is not waterproof. IMO, the code below is better because it covers 100% of the cases so far, using escapeshellarg() twice and recursively.
function sendsms ($m, $to, $n) {
echo "About to sent an sms to $to [$n]\n";
$subshell = 'am startservice --user 0' .
' -n com.android.shellms/.sendSMS' .
' -e contact ' . escapeshellarg($to) .
' -e msg ' . escapeshellarg($m);
$shell = 'adb shell ' . escapeshellarg($subshell);
shell_exec($shell);
}
Related
I should enter confirmation code after my function execute. My command wait an answer but I can't reply.
$cmd = 'cd/ && cd .... && ....';
echo shell_exec($cmd);
I tried:
shell_exec($confirmation_code);
I must enter confirmation code after get permission for some access.
Try this
$cmd = 'echo "Yes"| cd/ && cd .... && ....';
echo shell_exec($cmd);
Replace "Yes" by what you want
Symphony Process command can do this for you:
https://symfony.com/doc/current/components/process.html#streaming-to-the-standard-input-of-a-process
I'm trying to pass arguments from a PHP page's POST request into a powershell script.
This is the relevant PHP snippet:
$selectedPartner = $_POST['partner'];
$selectedGroup = $_POST['group'];
$script = "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe AddRemPartners";
if (isset($_POST['partner']) && isset($_POST['group'])){
if (isset($_POST['AddButton']) && $selectedPartner !== "Select Partner" && $selectedGroup !== "Select Group") {
echo "<br>";
echo "Adding " . $selectedPartner . " to " . $selectedGroup . "...<br>";
$cmd = $script . " -Add $selectedPartner $selectedGroup";
echo "command is:<br>" . $cmd;
shell_exec($cmd);
//shell_exec('C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe C:\\xampp\\htdocs\\admin\\AddRemPartners.ps1 -Add $selectedPartner //$selectedGroup');
//$command = shell_exec('C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe telnet 10.11.14.32 4444');
//echo "User added successfully!";
}
if (isset($_POST['RemoveButton']) && $selectedPartner !== "Select Partner" && $selectedGroup !== "Select Group") {
echo "<br>";
//echo "selection was REMOVE";
}
}
And this is my powershell script:
Param([switch]$Add, [switch]$Remove, [string]$User, [string]$Group)
$secpasswd = ConvertTo-SecureString "P#sSw0rd" -AsPlainText -Force
$creds = New-Object System.Management.Automation.PSCredential ("userPortal", $secpasswd)
$server = "host.fqdn"
function AddRemPartners
{
if ($Add){
Write-Host "Add var = $Add"
Write-Host "Add was selected"
Add-ADGroupMember -Server $server -Credential $creds -Identity $Group -Member $User
}
if ($Remove) {
Write-Host "Remove var = $Remove"
Write-Host "Remove was selected"
Remove-ADGroupMember -Server $server -Credential $creds -Identity "$Group" -Member "$User" -Confirm:$false
}
}
AddRemPartners -Add $Add -Remove $Remove -User $User -Group $Group
Things I know:
The php post parameters are good. I captured the request in burpsuit and know that all the correct args are getting sent
The resultant ps query that is built is also good. I output it to the screen and it looks like this:
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe AddRemPartners -Add Dude1 Dude1Group
No network issues. If I run the above command directly from within PowerShell is executes correctly.
I've sourced my script using . .\AddRemPartners.ps1 so I can call my function directly as such:
PS > AddRemPartners -Add User Group
PS > AddRemPartners -Remove User Group
I've narrowed it down to this: I can't execute my ps script from cmd like this:
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe AddRemPartners -Add User Group
As that errors out with this:
AddRemPartners : The term 'AddRemPartners' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the
name, or if a path was included, verify that the path is correct and try again.
I believe this to be suspect/culpable since I need run that in PHP. So PHP is probably running into the same issue. So why won't cmd recognize my script if I call powershell at the same time as execution?
Any tips and guidance greatly appreciated. I'm at wits end unfortunately. :/
First parameter for PS should be full path of script. Then you should respect parameter definition of PS, on command line as in the script.
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\whereis\AddRemPartners.ps1 -Add -user User -group Group
First line of the script should be parameter definition and defaults.
param([string]$user, [string]$group, [switch]$Add, ...);
When running
ls | php script.php
fgets(STDIN) is not waiting for user input:
<?php
$pipe = stream_get_contents(STDIN);
echo "Enter something";
$line = fgets(STDIN);
But if I run
php script2.php
With script2.php :
<?php
echo "Enter something";
$line = fgets(STDIN);
The script pauses waiting for my input.
How can I get pipe & wait for user input?
Instead use readline function of php, it will work fine,
$string=readline("Enter value: ");
echo $string;
I am using exec function to run my php file in background from another like below
<?php
$username = 'Test';
exec(PHP_BINDIR."/php /opt/lampp/htdocs/myscript/test.php >/dev/null &" );
?>
i want to send a value to the file which runs in background.
i tried below code
<?php
$username = 'Test';
exec(PHP_BINDIR."/php /opt/lampp/htdocs/myscript/test.php?user=".$username." >/dev/null &" );
?>
Test.php
<?php
var_dump($_REQUEST);
?>
but i got null as the value. can any one help me. how i can pass a value to a file which is running in background.
Pass it as command line argument:
$command = sprintf('%s/php /opt/lampp/htdocs/myscript/test.php %s >/dev/null &',
PHP_BINDIR,
escapeshellarg($username));
exec($command);
In the file:
$username = $argv[1];
You can't use URL-style query parameters because you're not using a URL, you're calling an executable.
My Coding is so far:
How to replace exec() through system command in php?
if($str!="success")
{
$cmd = "rm -rf /portal/data/config/certificate/tmp/";
$error_text="Command : ".$cmd;
AddLog("sslconfig.php",$error_text,ERR_DEBUG_HIGH);
$output = exec($cmd,$array1,$error_code);
$error_text="Error code : ".$error_code;
AddLog("sslconfig.php",$error_text,ERR_DEBUG_HIGH);
seterror('0:|: :|: Could not apply certificate.');
$error_text="Could not apply certificate";
AddLog("sslconfig.php",$error_text,ERR_INFO);
header("Location: ssl.php");
exit;
}
if($certName==$cert_auth)
{
//copy the applied certificate to fireballbundle.crt
//$output = copysslfb("/portal/data/config/certificate/".$newfile.".crt");
$error_text="Selfsigned Certicate";
AddLog("sslconfig.php",$error_text,ERR_DEBUG_HIGH);
$output="success";
}
else
{
$error_text="Not Selfsigned Certicate";
AddLog("sslconfig.php",$error_text,ERR_DEBUG_HIGH);
$output="success";
}
if($output!="success")
{
$cmd = "rm -rf /portal/data/config/certificate/tmp/";
$error_text="Command : ".$cmd;
AddLog("sslconfig.php",$error_text,ERR_DEBUG_HIGH);
$output = exec($cmd,$array1,$error_code);
$error_text="Error code : ".$error_code;
AddLog("sslconfig.php",$error_text,ERR_DEBUG_HIGH);
$error_text="Could not add certificate to fireballbundle.crt : ".$output;
AddLog("sslconfig.php",$error_text,ERR_ERROR);
seterror('0:|: :|: Error in applying certificate.');
header("Location: ssl.php");
exit;
}
Now I want to replace exec command with system command ?
I am using three times exec() here as shown as above code now i want to replace with system () command in php
exec("hostname",$retval);
$output = exec($cmd,$array1,$error_code);
exec($cmd,$array1,$error_code);
To remove a single file, you should use unlink and to remove a directory you should use rmdir. In the comments on those pages, you will find many different ways to emulate rm -rf through these functions.
You should avoid using system or exec as much as is possible. Always look on php.net and google to see if you can find a way to do whatever you're trying to do with a built-in function or library. You have no need to use these facilities here.
What hostname returns you should probably use $_SERVER['SERVER_NAME'] for instead.