当我尝试使用exec和shell_exe运行shell脚本时,没有任何反应!
当我使用那些命令ls或whoami运行所有工作时。
它可能是什么?
答案 0 :(得分:1)
你回应输出吗?
echo exec('ls');
您是否启用了safe_mode?
phpinfo();
当是:(来自手册)
注意:启用安全模式后,您只能执行安全模式 safe_mode_exec_dir之。出于实际原因,目前不允许这样做 在可执行文件的路径中包含..组件。
尝试使用
调用execexec('...pathtoyourbashscript...', $out, $return);
然后
echo $return;
如果显示127可能路径错误。
同时检查权限。用户'nobody'可能是apache用户,需要访问和执行脚本的权限。
您可以通过运行
来更改权限 chmod 755 pathtouyourscript
这意味着“我不介意其他人阅读或运行此文件,但只有我能够修改它”。
答案 1 :(得分:0)
如果您正在使用Apache,请检查以确保Apache用户具有执行php文件所需的权限。
答案 2 :(得分:0)
您可以使用反射来确定是否已使用disable_functions禁用该功能。
$exec = new ReflectionFunction('exec');
print $exec->isDisabled() ? 'Disabled' : 'Enabled';
答案 3 :(得分:0)
如果该程序是基于Web的,即Linux,请尝试制作一个php文件来处理shell。 和一个shell文件来处理php ..
例如:runAllShell.php文件可以包含循环。:
from tkinter import *
import subprocess
#from tkinter.filedialog import asksaveasfilename
#save file
#saveFile = asksaveasfilename()
#print("You can write data to " + saveFile)
startup = Tk()
names = ["about","accounts","admin","administrador","administrator","ads","adserver","adsl","agent","blog","channel","client","dmz","dns","dns0","dns1","dns2","dns3","external","file","forum","forums","ftp","ftpserver","host","http",
"https","ids","intern","intranet","irc","linux","log","mail","map","member","members","name","nc","ns","ntp","ntserver","office","pop","pptp","print","printer","pub","public","root","route","router","server","smtp","sql","ssh","telnet",
"voip","webaccess","webadmin","webserver","website","win","windows","www","xml"]
nslookup= IntVar()
def cmdnslookup():
domain='microsoft.com'
process = "dig "+domain+" ns > NameServerLookup.txt"
subprocess.Popen(process, shell=True)
def cmdmxlookup():
domain='microsoft.com'
process = "dig "+domain+" mx > MailServerLookup.txt"
subprocess.Popen(process, shell=True)
def cmdipForward():
for name in names:
domain='www.stcloudstate.edu'
process = "host "+name+"."+domain+" | grep 'has address' >> ForwardIPLookup.txt"
subprocess.Popen(process, shell=True)
##def cmdipReverse():
##
##def cmdipAdditional():
##
##def cmdzoneTransfer():
##
##def cmdoneSixtyOne():
##
##def cmdsnmp():
##
##def cmdrpc():
##
##def cmdip():
##
def close():
startup.destroy()
def menu():
startup.title("Wilson Recon Tool")
menubar = Menu(startup)
filemenu = Menu(menubar, tearoff=0)
filemenu.add_command(label="Close", command=close)
menubar.add_cascade(label="file", menu=filemenu)
startup.config(menu=menubar)
topFrame = Frame(startup)
topFrame.pack()
bottomFrame = Frame(startup)
bottomFrame.pack(side=BOTTOM)
about = Label(topFrame, text="Application Description", font="ariel 10 bold").grid(row=0, column=0, sticky=W)
description = StringVar()
description.set("This is a network recon tool. It's designed to help make reconassiance easier for those not familar with terminal based tools." )
message = Message(topFrame, textvariable=description, width=250)
message.grid(row=1,column=0)
recon = Label(bottomFrame, text="Recon Information", font="ariel 10 bold")
recon.grid(row=0,column=0,pady=5,sticky=W)
global nslookup
nslookup = Checkbutton(bottomFrame, text="Name Server Lookup",variable=nslookup)
nslookup.grid(row=1,column=0,sticky=W)
mxlookup= IntVar()
mxlookup = Checkbutton(bottomFrame, text="Mail Server Lookup",variable=mxlookup)
mxlookup.grid(row=2,column=0,sticky=W)
ipForward= IntVar()
ipForward = Checkbutton(bottomFrame, text="Forward Domain Lookup",variable=ipForward)
ipForward.grid(row=3,column=0,sticky=W)
ipReverse= IntVar()
ipReverse = Checkbutton(bottomFrame, text="Reverse Domain Lookup",variable=ipReverse)
ipReverse.grid(row=4,column=0,sticky=W)
ipAdditional= IntVar()
ipAdditional = Checkbutton(bottomFrame, text="Additional IPs Check",variable=ipAdditional, state=DISABLED)
ipAdditional.grid(row=5,column=0,sticky=W)
zoneTransfer= IntVar()
zoneTransfer = Checkbutton(bottomFrame, text="Zone Transfer Check",variable=zoneTransfer, state=DISABLED)
zoneTransfer.grid(row=6,column=0,sticky=W)
oneSixtyOne= IntVar()
oneSixtyOne = Checkbutton(bottomFrame, text="Onesixtyone",variable=oneSixtyOne)
oneSixtyOne.grid(row=7,column=0,sticky=W)
snmp= IntVar()
snmp = Checkbutton(bottomFrame, text="SNMPWalk",variable=snmp)
snmp.grid(row=8,column=0,sticky=W)
rpc= IntVar()
rpc = Checkbutton(bottomFrame, text="RPC Client using NETBIOS",variable=rpc, state=DISABLED)
rpc.grid(row=9,column=0,sticky=W)
otherNetwork = Label(bottomFrame, text="Other Network Information", font="ariel 10 bold")
otherNetwork.grid(row=10,column=0,pady=5,sticky=W)
ip= IntVar()
ip = Checkbutton(bottomFrame, text="Local Machine",variable=ip)
ip.grid(row=11,column=0,sticky=W)
## nslookup.pack()
## mxlookup.pack()
## ipForward.pack()
## ipReverse.pack()
## ipAdditional.pack()
## zoneTransfer.pack()
## oneSixtyOne.pack()
## snmp.pack()
## rpc.pack()
## ip.pack()
def cmdrunButton():
global nslookup
nslookup.get()
mxlookup.get()
ipForward.get()
ipReverse.get()
ipAdditional.get()
zoneTransfer.get()
oneSixtyOne.get()
snmp.get()
rpc.get()
ip.get()
print(nslookup)
runButton = Button(bottomFrame, text="Run", command=cmdrunButton)
runButton.grid(row=12, padx=3,pady=3,column=0,sticky=W)
quitButton = Button(bottomFrame, text="Quit",command=close)
quitButton.grid(row=12, padx=3,pady=3,column=1,sticky=E)
## runButton.pack()
## quitButton.pack()
startup.mainloop()
menu()
确保目录中的所有.sh文件都是按字母顺序排列的,以便它可以工作,例如:1.sh 2.sh 3.sh等。
祝你好运, AT