I have tried both Apache/PHP and Nginx/PHP with nearly the same configuration.
I am running this script:
<?php
exec("calc.exe");
?>
In Apache/PHP, calc.exe is not opened but is found running as a background process.
In Nginx/PHP, calc.exe is opened properly.
I would like to use Apache/PHP to open calc.exe properly.
Exec has no functionality with display, it will spawn processes and such under a different user (thus no affect on the current logged in user)
Scenario; your logged in as User1
On php do the following;
Exec("whoami");
You will see a different user which apache/web service is running as
Related
I am trying to send keypresses to a Raspberry Pi running Raspdbian from from a web page hosted on an Apache server at /var/www.
I'm using xdotool, which can send keypresses using commands like this:
xdotool key C
I made a python script xdotool.py that sends a few keypresses like that:
#!/usr/bin/env python
import os
print 'sending HI'
os.system("export DISPLAY=:0")
os.system("xdotool key H")
os.system("xdotool key I")
I am SSH'd into the Raspberry as user Pi, and running this script from terminal works fine and sends the keystrokes "HI" to the Raspberry.
However, I want to be able to do this through a web page. I've made a php-script that runs python scripts and displays the terminal output in the browser, but it does not work with the xdotool.py script. I have given the script permission to be viewed/changed/executed by all users.
I've also changed the Apache settings in /etc/apache2/envvars and changed the user from www-data to pi. The user pi should have all necessary permissions.
The script does run, and "sending HI" is displayed in the browser. But it doesn't send the keystrokes. The error I get from error.log is this:
Error: Can't open display: (null)
Failed creating new xdo instance
Any ideas how I can accomplish this? If there's a way to give everyone permission to do everything, that wouldn't be a problem seeing that this server will only run on a local network with no internet access.
I'm running a bunch of local Kiosks on mac mini's and have been using dropbox to keep all the files in sync. However - the dropbox updates have been sketchy as of late because of the firewall settings where these things are. A workaround I have found is by having dropbox quit and restart periodically to force it to update.
My question is - since all of these are running php applications on MAMP - is there a way to launch a local app from php? I'm able to kill dropbox by doing something like this:
$killit = killall -KILL Dropbox;
But it doesn't work the same to restart it. I've tried doing this:
$start_dbox = open /Applications/Dropbox.app;
To no avail. Is there a better way to automate this process of shutting down and reopening a local application?
I've had similar problems trying to control software remotely. The 'open' command must be executed either as the currently logged in console user, or from a terminal owned by the console (e.g. Terminal.app).
If you change your PHP to redirect STDERR, you should see the error that 'open' is returning:
$start_dbox = "open /Applications/Dropbox.app 2>&1";
The following text should then be returned from the system call:
LSOpenURLsWithRole() failed with error -10810 for the file /Applications/Dropbox.app.
One workaround I've used in the past is to create a lock file somewhere in the filesystem, which your PHP script can write to and your console user can read. Then, you can create a cron that runs as the console user and periodically checks the lock file to see if it needs to restart Dropbox.
I was actually able to solve this by creating a shell script with the following:
#!/bin/sh
export DYLD_LIBRARY_PATH=""
osascript -e 'tell application "Dropbox" to activate'
Saved it as start_db.sh and dropped it in my root apache directory (so there was no permissions problem for that user).
Then in my php file I was able to do:
$start_dbox = exec('/full/path/to/start_db.sh');
Worked like a charm. Dropbox now quits and restarts with no issues.
I have been trying unsuccessfully so far to write a php script that will run when a page is opened and that will launch metasploit!
I ve tried shell_exec and exec and all the other alternatives but although I can get it to do simple things (i.e. ls, cds etc) if I try msfconsole it doesnt do anything!
I have also tried a different script that launches firefox and again nothing happens!
Now i know that php runs on the server and I m not expecting to see a console or firefox opening in the clients machine! Instead in order to check if it works I am trying to echo out the output of the shell_exec!But anyway since im hosting the files on my machine (i.e. this is the server and a VM is the client) if it could actually launch firefox i should be able to see the app opening here in the same way as by just doing this from the command line!
What am I missing?
Is there any other way to do this?(i.e. Launch metasploit everytime a user opens up my page)
NOTE: I've tried specifying the full path for msfconsole but that didnt work either!
Heres what I have so far:
$output = shell_exec('/opt/local/libexec/metasploit3/msfconsole;show');
echo "<pre>$output</pre>";
The ";show" bit was used in order to actually make it run something and print some stuff but didnt make any difference!
When you run a gui application from the command prompt in a X window system, it will use the default display. When you run it using php which is embedded in apache webserver, the program may not know where to display the gui application.
there are 2 things to make this work.
The program that executes the gui application must have permission to use display
you need to tell the program which display to use.
I used the following in my php script
<?php
$cmd = `export DISPLAY=:0; gedit`;
shell_exec($cmd);
?>
and ran the script from terminal using php -f test.php
I got the gedit up and running.
You can test the same with the script in apache too.
Please add apache user with privileges to access display server
update: I just added the following in /etc/apache2/apache2.conf (I am using ubuntu)
User poomalai
Group poomalai
and restarted the web server
sudo service apache2 restart
now I accessed localhost/test.php
and Presto!! I got the gedit :)
Hope this helps
I am using opencv for initiating the camera on my arch linux. Its getting initiated and works well when I actually do it from the command line on the server itself.
I want to initialize it using php. I tried doing it using shell_exec from PHP.
My PHP file looks like:
<?php
$output=shell_exec('LD_LIBRARY_PATH=usr/local/lib ./a.out 0 2>&1 1>/dev/null');
echo $output;
?>
It gives this output:
ERROR: capture is NULL
I am running this through my windows web browser as a client and the opencv and the related files are on the server that is my arch linux.
I want to start the camera and capture images when I run this php file from the windows web browser, but when executed it throws the error as mentioned.
While this may work when you are SSHed into your server. The webserver user is most likely different than the user you login as. Popular user ids/groups that webservers run as on Linux machines are http, www-data, nobody, and others.
From this point you have two options.
You can make sure the script you are trying to run from PHP (and all of it's children, if any) is able to be run by the webserver user.
You can modify your /etc/sudoers file which gives the webserver user access to elevate permissions for that script only. (NOTE: This potentially opens up security holes so be careful).
To find out what user your webserver runs as execute this: ps aux
Take a look at the output and the first column in the output lists the user that that process is running at. Here's an excerpt of my webserver (nginx) on one of my boxes:
www-data 26852 0.0 0.0 29768 3840 ? S Jun04 0:50 nginx: worker process
You can see that nginx runs with the user www-data here. You can also execute the command with grep to help you find the process quicker. Grep will only show you those lines which match what you send to it. Here's an example: ps aux | grep nginx
Ok now that you know what user the webserver is running as, let's try giving that user access to the script. Let's say your script is foo and is located in /usr/local/bin. You would do the following commands:
chown www-data /usr/local/bin/foo
After changing ownership on the file try to rerun your command again from your PHP page and see if it works.
For completeness I also said you could give your webserver user sudo privileges to that file. To do that you would need to append the following line to the bottom of your /etc/sudoers file:
www-data ALL= NOPASSWD: /usr/local/bin/foo
Then your shell_exec command could switch to this:
shell_exec('sudo /usr/local/bin/foo');
Please keep in mind that doing this would allow your webserver user to run the script as root which is incredibly dangerous in a variety of situations. However, the camera may require elevated permissions to work. I'm not sure what the permissions requirements are on the camera setup you are trying to invoke.
Good luck. Hope this helps!
First, I read some threads by people with similar problems but all answers didn't go beyond export DISPLAY=:0.0 and xauth cookies. So here is my problem and thanks in advance for your time!
I have developed a little library which renders shelves using OpenGL and GLSL.
Last few days I wrapped it in a php extension and surprisingly easy it works now.
But the problem is it works only when I execute the php script using the extension from commandline
$php r100.php(i successfuly run this from the http user). The script is in the webroot of apache and if I request it from the browser I get ** CRITICAL **: Unable to open display in apache's error_log.
So, to make things easier to test and to be sure that the problem is not in the library/extension, at the moment I just want to start xmms with following php script.
<?php
echo shell_exec("xmms");
?>
It works only from the shell too.
I've played with apache configuration so much now that I really dont know what to try.
I tried $xhost + && export DISPLAY=:0.0
In the http.conf I have these
SetEnv DISPLAY :0.0 SetEnv XAUTHORITY /home/OpenGL/.Xauthority
So my problem seems to be this:
How can I make apache execute php script with all privileges that the http user has, including the environment?
Additional information:
HTTP is in video and users groups and has a login shell(bash).
I can login as http and execute scripts with no problem and can run GUI programs which show up on display 0.
It seems that apache does not provide the appropriate environment for the script.
I read about some difference between CLI/CGI but cant run xmms with php-cgi too...
Any ideas for additional configuration?
Regards
Sounds bit hazard, but basically you can add even export DISPLAY=:0.0 to apache start-up script (like in Linux /etc/init.d/httpd or apache depending distro).
And "xhost +" need to be run on account which is connected to local X server as user, though I'm only wondering how it will work as php script should only live while apache http request is on-going.
Edit:
Is this is kind of application launcher?, you can spawn this with exec("nohub /usr/bin/php script.php &"); .. now apache should be released and php should continue working in background.
In your console, allow everyone to use the X server:
xhost +
In your PHP script, set the DISPLAY variable while executing the commands:
DISPLAY=:0 glxgears 2>&1