I want to run WPScan through PHP file. I am using shell_exec function to call the WPScan command, but it throws out following error:
[ERROR] cannot load such file -- bundler/setup
WPScan needs ruby to be running in the server and WPScan command can only run inside the WPScan directory. When we run this command outside the WPScan directory, than it throws out the same following error:
[ERROR] cannot load such file -- bundler/setup
Means browser is not able to locate the files needed by the WPScan, and all the files are placed inside the document root of the website. Other all commands are working through shell_exec, but ruby command throws out a error. In short it is unable to find the files needed by the WPScan.
The command is:
ruby wpscan.rb --url http://example.com/ --follow-redirection --log
I tried using full path also:
/usr/local/rvm/rubies/ruby-2.3.0/bin/ruby /var/www/html/wp-scan/wpscan.rb --url example.com --follow-redirection --log
But nothing works.
$wp_command = shell_exec('/usr/local/rvm/rubies/ruby-2.3.0/bin/ruby /var/www/html/wp-scan/wpscan.rb --url example.com --follow-redirection --log');
echo $wp_command;
die;
Try something like this:
$wp_command = shell-exec('cd /var/www/html/wp-scan && ruby wpscan.rb --url example.com --follow-redirection --log');
echo $wp_command;
die;
Should work if you install WPScan and RVM correctly.
Related
Hello i was trying to use exec() in php via web page to execute a file in the root directory, and for some reason none of my commands work except
ls
witch even when i do
ls /root
it doesn't work seems i can only do ls in the current directory or commands like whoami which returns apache
i've tried setting user permissions for apache, and i've tried setting permissions for file or /var/www/html directory and nothing seems to work any ideas?, my basic code below
<?php
command = "ls /root";
exec($command);
?>
The exec command return only the last line of your command.
Like said in the documentation, you should add a second parameter to get the result or use the function passthru
On my server (Ubuntu 14.04.4 LTS), I have a Firefox installed, as well as xvfb for headless Firefox operation, and CasperJS with SlimerJS. I also have a CasperJS script which works fine. I want to utilize this script from PHP; this is the essence of my PHP script for this, let's call it mytest.php:
echo "php_sapi_name() " . php_sapi_name() . "\n"; // "cli" for php cli, "apache2handler" for php via webserver
chdir(dirname(__FILE__));
$nodeModPath = "/home/USERNAME/.nvm/versions/node/v4.0.0/lib/node_modules";
putenv("SLIMERJSLAUNCHER=/usr/bin/firefox46");
$cmdline = "xvfb-run $nodeModPath/casperjs/bin/casperjs --engine=slimerjs --debug=true mySlimerScript.js";
$returnString = shell_exec($cmdline);
echo "$returnString\n";
EDIT: Note that the command could as well be just:
$cmdline = "xvfb-run $nodeModPath/casperjs/bin/casperjs --engine=slimerjs --debug=true 2>&1";
... that is, without any JS script listed - in which case the help should be dumped (and is, in case of CLI access - but the same error as below is reported when accessing through webserver)
When I run this PHP script from the terminal command line (via SSH), that is through PHP in CLI mode:
$ php mytest.php
... everything runs fine, there is no problem whatsoever.
However, when I invoke this PHP script online through the webserver, that is via http://example.com/mytest.php, it fails first with the error:
Gecko error: it seems /usr/bin/firefox46 is not compatible with SlimerJS.
See Gecko version compatibility. If version is correct, launch slimerjs
with --debug=true to see Firefox error message
... and after adding --debug=true (as already included in the example above), I additionally get this error:
JavaScript error: resource://gre/modules/FileUtils.jsm, line 63: NS_ERROR_FAILURE: Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsIProperties.get]
So, apparently my headless Firefox does not want to run, when PHP is invoked through the webserver (in which case, PHP reports that it uses the apache2handler SAPI).
Would anyone know why this happens - and how can I get the script to execute properly when called from a webserver, just as when it runs under PHP CLI mode?
EDIT 2: Can now reconstruct this error via CLI mode too, and can confirm it is due to the user; so without any JS script provided in the $command, I get this:
$ sudo -H -u root php mytest.php
...
Usage: casperjs [options] script.[js|coffee] [script argument [script argument ...]]
casperjs [options] test [test path [test path ...]]
casperjs [options] selftest
...
$ sudo -H -u www-data php mytest.php
JavaScript error: resource://gre/modules/FileUtils.jsm, line 63: NS_ERROR_FAILURE: Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsIProperties.get]
Gecko error: it seems /usr/bin/firefox46 is not compatible with SlimerJS.
See Gecko version compatibility. If version is correct, launch slimerjs
with --debug=true to see Firefox error message
Well, this was a nasty problem. I ended up doing an strace, and comparing the logs, for the root user and the www-data user when running a full slimerjs (the full command line can be found by adding echoes to /path/to/slimerjs-0.10.1-pre/slimerjs):
sudo -H -u www-data strace \
/usr/bin/firefox46 -app /path/to/slimerjs-0.10.1-pre/application.ini \
--profile /path/to/firefox-46.0.1/profile-46 -no-remote --debug=true /home/USERNAME/.nvm/versions/node/v4.0.0/lib/node_modules/casperjs/bin/bootstrap.js --casper-path=/home/USERNAME/.nvm/versions/node/v4.0.0/lib/node_modules/casperjs \
--cli 2>&1 \
| tee /tmp/strace.log
sudo -H -u root strace \
/usr/bin/firefox46 -app /path/to/slimerjs-0.10.1-pre/application.ini \
--profile /path/to/firefox-46.0.1/profile-46 -no-remote --debug=true /home/USERNAME/.nvm/versions/node/v4.0.0/lib/node_modules/casperjs/bin/bootstrap.js --casper-path=/home/USERNAME/.nvm/versions/node/v4.0.0/lib/node_modules/casperjs \
--cli 2>&1 \
| tee /tmp/straceR.log
If these logs are now compared in say meld, then the eventually start diverging at a point like this:
mkdir("/root/.innophi", 0700) = 0
mkdir("/root/.innophi/slimerjs", 0700) = 0
... [vs.] ...
mkdir("/var/www/.innophi", 0700) = -1 EACCES (Permission denied)
access("/var/www/.innophi", F_OK) = -1 ENOENT (No such file or directory)
So, casperJS basically tries to create a directory in the home directory of the user; the problem is , www-data's $HOME is /var/www, where it seemingly has no write access!
So, the easiest thing for me was to "hack" the $HOME environment variable in the mytest.php script, and set it to /tmp, where www-data definitely has write permissions:
...
putenv("SLIMERJSLAUNCHER=/usr/bin/firefox46");
putenv("HOME=/tmp");
...
... and whaddayaknow, finally the script works under the www-data user from CLI too:
$ sudo -H -u www-data php test_commands.php
...
Options:
--verbose Prints log messages to the console
--log-level Sets logging level
--help Prints this help
...
Btw, this .innophi directory seems to also be mentioned in https://docs.slimerjs.org/current/configuration.html#profiles ,
I have the following PHP code that is run when a user clicks a button on a local intranet page to run some Node JS commands. e.g.
exec('npm install', $output);
$output = implode(PHP_EOL, $output);
echo $output;
But the command doesn't seem to get run... It does if I type the command into the command prompt and run it...
I don't see any errors and NodeJS is set as a system variable in the Path so it should know what grunt is... Any ideas? Other commands, e.g. whoami run fine.
Any ideas?
I'm on Windows 7.
Update: Based on the comments below I can now get an error with:
exec('npm install 2>&1', $output, $returnCode);
$output = implode(PHP_EOL, $output);
echo $output . ' ' . $returnCode;
And this is the error:
TypeError: Cannot call method 'get' of undefined at C:\Program Files (x86)\nodejs\node_modules\npm\lib\npm.js:310:23 at C:\Program Files (x86)\nodejs\node_modules\npm\node_modules\npmconf\npmconf.js:80:7 at Array.forEach (native) at C:\Program Files (x86)\nodejs\node_modules\npm\node_modules\npmconf\npmconf.js:79:13 at f (C:\Program Files (x86)\nodejs\node_modules\npm\node_modules\once\once.js:16:25) at C:\Program Files (x86)\nodejs\node_modules\npm\node_modules\npmconf\npmconf.js:108:14 at Conf. (C:\Program Files (x86)\nodejs\node_modules\npm\node_modules\npmconf\npmconf.js:179:14) at Conf.next (C:\Program Files (x86)\nodejs\node_modules\npm\node_modules\npmconf\lib\load-prefix.js:48:20) at C:\Program Files (x86)\nodejs\node_modules\npm\node_modules\mkdirp\index.js:37:53 at Object.oncomplete (fs.js:107:15) C:\Program Files (x86)\nodejs\node_modules\npm\lib\npm.js:33 throw new Error('npm.load() required') ^ Error: npm.load() required at Object.npm.config.get (C:\Program Files (x86)\nodejs\node_modules\npm\lib\npm.js:33:11) at exit (C:\Program Files (x86)\nodejs\node_modules\npm\lib\utils\error-handler.js:49:27) at process.errorHandler (C:\Program Files (x86)\nodejs\node_modules\npm\lib\utils\error-handler.js:316:3) at process.emit (events.js:95:17) at process._fatalException (node.js:272:26) 7
So it looks like the PHP knows where NodeJS and NPM is... but can't run it?
If I do whoami in the PHP I get: nt authority\iusr
But if I do it from the command prompt then I get: dom\cameron
I wonder if it's because PHP runs it as a different user to when I run it directly in the command prompt...
Okay I've managed to fix this!
Basically you need to run the website (where the PHP file lives) as the same user as where NodeJS is run from!
To achieve this I did the following in IIS:
1.) Find the website
2.) Choose basic settings
3.) Click the connect as... button
4.) Choose 'specific user'
5.) Enter `dom/cameron` and my password
6.) Restart IIS
If anyone has any ideas for how to get NodeJS running for the default nt authority\iusr then feel free to post an answer :)
You defined npm in WINDOWS path, but did PHP recognize it?
I suggest you should test it with writing the full NPM path in the exec. If it works, than you should call putenv() with correct parameters before executing npm install..
So first try:
exec('C:\npm-test\npm install', $output);
$output = implode(PHP_EOL, $output);
echo $output;
And if it works, use the putenv() command before calling exec(). Example:
putenv("npm='C:\npm-test\npm'");
//and then exec(...)
The error you're getting indicating that an object is not defined. It's quite possible that a module is simply not loading because you're not running the script from the correct location, and relative links to some include are not working. Running as the correct user might fix it. Or try changing to the correct directory before running the node script. Or change the location of the links inside the node script.
I've got the following script:
#!/bin/sh
export DISPLAY=:0
phantomjs --version
It try to run it from the following PHP script:
<?php
$result = shell_exec('sh test.sh');
echo $result;
?>
This script return the following error:
[Thu Jun 19 10:31:31 2014] [error] [client] test.sh: line 3: phantomjs: command not found
I tried to run phantomjs -v by hand in a console, and it runs fine. I checked the PATH, and phantomjs is correctly defined and found.
The execution environment is a virtual Server with LiveConfig.
Can someone help me understand what I'm doing wrong ?
It could be an issue with shell_exec() and line breaks,
try adding "2>&1" to the string you are passing:
$result = shell_exec('sh test.sh 2>&1');
this worked for me, found it in the top comment here, naturally ;)
Your PATH probably lacks the location for the phantomjs executable. PhantomJS is probably installed in /usr/local/bin so you need to add this to your PATH variable:
#!/bin/sh
export DISPLAY=:0
PATH=$PATH:/usr/local/bin
phantomjs --version
To check what the current PATH is, you could begin the shell script with:
#!/bin/sh
echo $PATH
<?php
exec('/usr/local/bin/phantomjs path/somescript.js');
?>
Yes. Sometimes phantomjs don't need full path in some environment without generate any error. However, sometimes it does.
Always use the full path for all argument in the php command.
Did you use the fullpath for hello.js?
Do not use exec(). Never. It's a bad way.
Use the php-phantomjs and PhantomJS Runner instead.
I have a following php script -
<?php
$command = "python webkit2png/webkit2png -D screenshots http://stackoverflow.com";
$command = escapeshellcmd($command);
system($command);
When run from Terminal by means of
php test.php
it produces the website screenshots, however, opening test.php in browser does not bring any results.
Both python and php scripts are owned by _www user, under which apache is running. I even tried running the test.php under _www in Terminal, it still works. Is there something I'm missing?
Thanks to #amccausl I found this in apache logs -
Wed Feb 27 07:12:03 mini.local python[83331] <Error>: kCGErrorFailure: Set a breakpoint # CGErrorBreakpoint() to catch errors as they are logged.
_RegisterApplication(), FAILED TO establish the default connection to the WindowServer, _CGSDefaultConnection() is NULL.
Traceback (most recent call last):
File "webkit2png/webkit2png", line 353, in <module>
if __name__ == '__main__' : main()
File "webkit2png/webkit2png", line 324, in main
AppKit.NSBorderlessWindowMask, 2, 0)
objc.error: NSInternalInconsistencyException - Error (1002) creating CGSWindow
The library you're using is trying to establish a connection to your xserver to render a png. This works fine on terminal, because you have a connection available, but will break for ssh or apache sessions because they don't.
You can create one for their use with xvfb
The approach used in this question is a good example for you (you can ignore the solutions).
<?php
$command = "xvfb-run -a -s '-screen 0 640x480x16' python webkit2png/webkit2png -D screenshots http://stackoverflow.com";
$command = escapeshellcmd($command);
system($command);
you should use the absolute path like /usr/local/php53/bin/php
If you're not forced to use python and can install something else, I'd recommend http://phantomjs.org/. It's much better and powerful in making screenshots of webpages and doesn't need an xserver (but node.js)