php还是apache?exec、popen、system 和 proc_open 命令不执行任何命令,甚至 ls

2022-01-23 00:00:00 command php apache

我的问题是从我的 php 主页执行任何命令

My problem is with executing any command from my php homepage

解决了一半,我的 pythonscript 正在运行,但是 pythonscript 没有执行其模块的权限

Half solved, I got my pythonscript running but futher on the pythonscript does not have permission to execute its modules

但我开始认为问题出在 apache 而不是 php?我试图运行一个实际上是我最终要运行的pythonscript,然后它似乎运行但当脚本试图访问一个看起来像这样的txt文件时停止

but i´m starting to think that the problem is with apache and not php? i tried to run a pythonscript that is actually what i´m going to run in the end, then it seems to run but stops when the script tries to access a txt file looking like this

[stdout] =>
[stderr] => Traceback (most recent call last): 
 File "pythontest.py", line 4, in ? f = open("(path)/temp.txt", "w") 
 IOError: [Errno 13] Permission denied: '(path)/temp.txt'

我已经尝试了所有不同类型的执行方法,我可以找到 exec、system、popen、proc_open 几乎没有运行,我可以从 system("pwd") 获取字符串但 system("ls") 返回一个数字 127或 126.我还尝试运行已编译的 c 程序(代码如下) exec 将返回一个对象Array",但系统只会像 ls 一样返回 127 或 126.

I have tried all different kind of execution methods that i could find exec, system, popen, proc_open almost nothing runs, i can get a string from system("pwd") but system("ls") returns a number 127 or 126. I also tried to run a compiled c program (code below) exec will return an object "Array" but system will only return 127 or 126 as ls does.

我还试图从数组"对象中获取值?从 exec 但它什么也不返回,如果我 php print_R Array 页面将不会加载.

Also I tried to get the values out of the "Array" object? from exec but it returns nothing, if I php print_R Array the page won´t load.

php 输出是(下面的代码)-> a: , out1: 126, t[[0]: , strlen out: 5, out: Array, t:不管我实际提出了多少论据!

the php output is (code below)-> a: , out1: 126, t[[0]: , strlen out: 5, out: Array, t: no matter how many arguments i actually put in!

ls 的完整路径为 126,而ls"则为数字 127

the full path to ls gives 126 and just "ls" gives the number 127

我已测试将所有文​​件 chmod 为完全权限,从 page.php 到测试程序,但它仍然给出相同的输出

i have tested to chmod all files to full permission, from the page.php to test program but it still gives the same output

php 安全模式已关闭

php safe mode is off

echo '<pre>';
print_r(execute('ls'))
echo '</pre>';

返回

array
(
    [stdout] => 
    [stderr] => sh: /var/www/html/grndb/upscgenesearch/test1: Permission denied

    [return] => 126
)

为什么当 test1 程序具有完全权限时它给我 Permission denied ?

why does it give me Permission denied when the test1 program has full permission?

<?php
$a = system("/bin/ls",$out1);
echo "a: "; echo $a;
echo ", out1: "; echo $out1;
$t = exec('pwd/test1 aa hh 11',$out);

foreach ($t as &$value) {
    echo ($value);
}

echo ", t[[0]: "; echo $t[0]; 
echo ", strlen out: "; echo strlen($out);
echo ", out: "; echo $out; 
echo ", t: "; echo $t;
?>

C 源代码

int main(int argc, char *argv[])
{
int i;

for(i = 0; i < argc; i++)
printf("arg %d: %s
", i, argv[i]);
return 0;
}

推荐答案

这里还有一个函数要添加到列表中:)

Here's another functions to add to the list :)

/**
 * Executes a program and waits for it to finish, taking pipes into account.
 * @param string $cmd Command line to execute, including any arguments.
 * @param string $input Data for standard input.
 * @return array Array of "stdout", "stderr" and "return".
 * @copyright 2011 K2F Framework / Covac Software
 */
function execute($cmd,$stdin=null){
    $proc=proc_open($cmd,array(0=>array('pipe','r'),1=>array('pipe','w'),2=>array('pipe','w')),$pipes);
    fwrite($pipes[0],$stdin);                      fclose($pipes[0]);
    $stdout=stream_get_contents($pipes[1]);        fclose($pipes[1]);
    $stderr=stream_get_contents($pipes[2]);        fclose($pipes[2]);
    $return=proc_close($proc);
    return array( 'stdout'=>$stdout, 'stderr'=>$stderr, 'return'=>$return );
}

您的案例的使用示例:

echo '<pre>';
print_r(execute('ls'));
echo '</pre>';

上面的函数提供了比直接使用 PHP 更多的功能.它可以帮助您进行调试,尽管它更适用于生产代码.

The function above is offers more features than using the PHP ones directly. It could help you at debugging, though it's more intended for production code.

一般来说,这是你应该注意的:

In general, this is what you should be aware off:

  • 您未处于安全模式
  • 您的可执行文件确实存在
  • 您的可执行文件是可运行的 - 知道 FTP 客户端经常使用 ASCII/文本模式,更改上传文件中的 CRLF 从而损坏它们
  • 确保对您的可执行文件进行 chmod 至少 755
  • You're not under safe mode
  • Your executable does exist
  • Your executable is runnable - know that FTP clients often use ASCII/Text mode, changing CRLFs in uploaded files thus corrupting them
  • Be sure to chmod your executable at least 755

相关文章