I use an IIS server and I want to execute some shell commands, but do not know exactly what the problem is.
For example, you want to set the time, or to create a new user, or whatever, does absolutely nothing (return null)
<?php
$output = shell_exec("time 11:50 PM");
echo '<pre>';
print_r($output);
echo '</pre>';
?>
And I thought to show username that is connected to see if with Administrator rights or not.
"echo %username%"
instead return my username, it returns me "COMPUTERNAME-PC$"
How can I run shell commands as administrator?
The short answer is you can't as it's configured now. You're restricted to the application pool identity. More than likely you're using the NETWORK SERVICE user, which is why you're getting the PC name as the username.
The solution would be to change the application pool identity to a user that the permissions you need. But you could still run into issues if User Account Control (UAC) is enabled, and you run a command that requires elevation which it sounds like you want to do.
Related
I have a requirement to add a user to my windows 2019 web server from a PHP web application
I am using a command line command:
NET USER sbarker mypassword /ADD /FULLNAME:"Sue Barker" /PASSWORDCHG:NO /PASSWORDREQ:YES /LOGONPASSWORDCHG:NO /EXPIRES:NEVER
This works fine from a standard command line when logged on as administrator on the server (as you would expect).
To implement this from PHP I am using the following, which I believe to be the correct syntax/format:
<?php
$username = "sbarker";
$userpass = "secure1";
$fullname = "Sue Barker";
echo exec("start cmd /C:\Users\Administrator NET USER $username $userpass /ADD /FULLNAME:$fullname /PASSWORDCHG:NO /PASSWORDREQ:YES /LOGONPASSWORDCHG:NO /EXPIRES:NEVER");
?>
This produces no new user, probably because of permissions.
What permissions do I need to set to allow user creation?
What are my liabilities from a security point of view?
Is there a better way of creating a windows user from a PHP web application.
EDIT:
Tried the following with no success:
<?php
$test = shell_exec('C:\\WINDOWS\\system32\\cmd.exe /c 2>&1 "NET USER test test /ADD"');
echo "<pre>$test</pre>";
?>
The result was a System error 5 has occurred. Access is denied. error
After extensive research and dead ends, it looks like Microsoft has locked this down to such an extent that programmatically adding users is not possible. Personally I wish they would give developers the choice to execute batch scripts with elevated privileges rather than 'just saying no'.
The basic answer is that it looks like this is not possible.
I am trying to execute Linux shell command from php but there is no output on web page. If I am trying to execute the php page from linux cosole its working fine.
PHP Code:
<?php
$result = shell_exec('asterisk -rx "core show channels concise"');
$ccount =shell_exec('asterisk -rx "core show channels count"');
echo $result;
echo $ccount;
?>
Above code is not giving any output on web page. But on linux console its woking. e.g.
[abc#host sysadminman]# php myfile.php
Asterisk control socket permissions can also be changed easily in /etc/asterisk.conf:
[files]
astctlpermissions = 0660
astctlowner = root
astctlgroup = apache
astctl = asterisk.ctl
First of all your question is incomplete as you not showing what is expected output. But aside from this you are doing a few common mistakes there.
First you are testing your script as root (# php ...) but your httpd is NOT serving your scripts as root. So your tests are useless. You should switch to right user (most likely www-data and then check to run your script from shell. Most likely it will fail for one of two common reasons - insufficient permissions to run asterisk program or incomplete $PATH not pointing to the place where asterisk is.
I agree to Marcin.
I would suggest you write script to execute those commands and put result to some storage (such as text or database). Use cron to run it in root. Then you read the data from storage on web page.
If you want real time response, you have to run cron all the time though it consume server resource. That is trade-off you have to consider. Its depends on what you wanna achieve from the web site.
Use sudo to run thoes commands as root or Asterisk user. You can configure sudo to allow execution without password to only specific commands.
check disable_functions in php.ini. Mb shell_exec just off for web server
I need to run a linux command from php. So I used ftp_exec() function.
$command='ls -al> /ftp_test/t.log';
if (ftp_exec($ftp_conn,$command))
{
echo "$command executed successfully.";
}
else
{
echo "Execution of $command failed.";
}
But it gives me warning
Warning: ftp_exec(): Unknown SITE command
I have googled and found for ftp_exec "execution via FTP isn't very widely supported. Check that it works on the servers that you intend to connect to before you start coding something that requires this."
Can anybody give me a idea to run a linux command from php ?
If you have the appropriate authorization you may do so via SSH:
$file_list = shell_exec('ssh user#site "ls -la"');
You'll need for user to have an authorized ssh key for site, and the user must be accessible from whatever user is running PHP. This usually boils down to using user wwwrun for both.
Or you can use sudo for added security, by placing the command into a script of its own, then sudoing it:
$file_list = shell_exec('sudo /usr/local/bin/ssh-ls-site');
Now user wwwrun can be allowed to run ssh-ls-site but can't modify its contents, so he can't run arbitrary commands, nor has he access to the ssh authorization key.
The ssh-ls-site can log the request as well as updating a local marker file, and exiting immediately if the file is newer than a certain guard time. This will prevent possible DoS attacks against site (running lots of allowed commands, exhausting resources), and also improve performances; if for example you need to run the command often, you can save the results into a temporary file. Then if this file is found to exist, and is not too old, you just read back its contents instead of asking it to #site, effectively caching the command locally.
I'm trying execute a python script from php function shell_exec(), but this script require root privileges.
The python code is very simple. Using libraries wifi python does a scan of all the SSID and provides in output the information on the various wireless networks to which he had a scan in JSON format. WiFi libraries are scanning using iwlist that requires root privileges. If it is performed by a user who does not have root privileges, it returns only the information referring to the wifi where you are connected.
If I plug in my code the string
<?php
echo 'Current script owner:'. get_current_user ();
?>
I print screen "Current script owner: root", but if I try to run my code
<?php
$ Output = shell_exec ("python /home/acme/XDOMV2/conn1.py");
echo $ output;
?>
It will only return information about the network on which my debian system is connected.
How to use lighttpd webserver and I have followed several guides about getting to the only result of having to re-install lighttpd.
The question is, is there a way to run a python script as root from lighttpd?
Where am I wrong?
I would suggest to run the script as a user with proper privileages.
This will minimize the risk for exploits on the system.
Next step would be ro run the script in a cron environment as that user (or root in the worst case scenario) and deliver the result via a database or a cached environment. You could also deliver the result via sockets or file handles.
Never enable a web environment to run scripts or well anything as root, it's dangerous and not how the software(lighttpd) were meant to operate.
If you're a brave soul:
This question belongs on UnixExchange but you can check this out:
http://www.sunspot.co.uk/Projects/Joggler/lighttpd_as_root.html
And also check the docs for your lighttpd version, running as root is possible but not sound in any way.
How do we determine which user the php script is running under when I run the script on server? Is it running under the same user as apache or phpmyadmin by chance? My question maybe wrongly framed but I want to know which user so that I set appropriate permission for different folders in /var
Execute whoami:
<?php echo exec('whoami'); ?>
If you have posix functions available (enabled by default in most Linux-based environments) then you can use posix_geteuid and posix_getpwuid to get the name of the user (at least in non-Windows environments) like so:
$pwu_data = posix_getpwuid(posix_geteuid());
$username = $pwu_data['name'];
Another (more expensive) way to do it would be to use a shell-executing function like exec to run whoami:
$username = exec('whoami');
or even the backticks (although you may need to trim the linebreak off):
$username = `whoami`;
I personally have only ever needed to get the username of the user running the script for PHP scripts that run in the shell (on the command-line). Typically, scripts that run in the process of building the response to a request that the web server is handling will be run as the web server user, such as www-data, apache, etc. In Apache, the user that runs the apache/httpd processes is set with the User directive.
Important note: get_current_user does NOT give you the username of the user running the script, but instead gives you the OWNER of the script. Some of the answers here (appropriately down-voted) are suggesting to use get_current_user, but that will not give you the username of the user running the current script.
Do not use "whoami". When you execute a process the user will not necessarily be the same as the effective user during running of a script. But in any case "id" would provide much more useful information. Instead call get_current_user(). So simple!
Use this:
echo get_current_user();
Make sure to read the comments because it looks like this answer doesn't actually do what you want.
Use this:
$_SERVER['REMOTE_USER'];
this variable may or may not be set.