• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 273
  • Last Modified:

Call executable from PHP

Hey, I've compiled a binary on Linux
I've run the following on the binary:

chmod 777 updateBeta;
chmod +s updateBeta;
chown www-data:www-data updateBeta;

I have a PHP script to call it, (user www-data)

echo "updating...";
system("/home/virtual/site1/fst/var/www/updateBeta");

When I call it from the web browser, it only says "updating..." with no output from my binary.

How can I get this binary to execute using the web browser?
0
M256
Asked:
M256
1 Solution
 
CSecurityCommented:
Use this:

function myshellexec($cmd)
{
global $disablefunc;
$result = "";
if (!empty($cmd))
{
  if (is_callable("exec") and !in_array("exec",$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);}
  elseif (($result = `$cmd`) !== FALSE) {}
  elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
  elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
  elseif (is_resource($fp = popen($cmd,"r")))
  {
   $result = "";
   while(!feof($fp)) {$result .= fread($fp,1024);}
   pclose($fp);
  }
}
return $result;
}

Call it like this:

$result = myshellexec("/home/virtual/site1/fst/var/www/updateBeta");

0
 
CSecurityCommented:
you can echo $result to get output binary prints.
0
 
VanHackmanCommented:


I think that the following will work:


Option 1 ------------------------------------

<? php

echo "updating...";

ob_start(); //Initializing output

// Executing and putting output in a $Output

passthru("/home/virtual/site1/fst/var/www/updateBeta"); 

$Output = ob_get_contents();

ob_end_clean(); // Cleaning Output.

// Using $Output wherever you want.

print_r($Output);

?>

Option 2 ------------------------------------

<? php

echo "updating...";
passthru("/home/virtual/site1/fst/var/www/updateBeta"); 

?>

Open in new window

0
Cloud Class® Course: Microsoft Windows 7 Basic

This introductory course to Windows 7 environment will teach you about working with the Windows operating system. You will learn about basic functions including start menu; the desktop; managing files, folders, and libraries.

 
CSecurityCommented:
My function tries all possible ways, all functions, system function, exec function, passthru function... So no failure
0
 
M256Author Commented:
$result = myshellexec("/home/virtual/site1/fst/var/www/updateBeta");
var_dump($result);

---

string(0) "" 

Sadly, no update...
0
 
VanHackmanCommented:
Do you try my code snippets ?...
0
 
CSecurityCommented:
Not needed to var_dump, simply echo it. If you don't see anything in $result:

1) Your PHP safe mode is enabled
2) Your user www-data have not valid access to execute that binary. Permission problem.
0
 
CSecurityCommented:
3) Your server added passthru, exec, system to disabled functions list.

Check safe mode and disabled functions, then check permission
0
 
valainCommented:
Hi,

Might not be the solution, but it is generally considered a very bad thing to do if you execute shell commands from within your PHP code, for obvious security risks. I'd go about this differently, but this only works if you don't need realtime execution :

1) Let your PHP script create a (temporary) signal file, like "runmystuff.now".
2) Have a CRON job run a shell script that checks for the existence of this signal file: if it exists, delete it and run your required script.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now