I made a shell script that detects network interfagces then for each interface it detects the IP address, mask, broadcast address, then it makes a ping to all IP addresses for this network interface.
我创建了一个shell脚本来检测网络交互,然后为每个接口检测IP地址,掩码,广播地址,然后对该网络接口的所有IP地址进行ping操作。
The script has execute permissions. Normally, the script will save the list of network interfaces (eth0 eth1 wlan0) in a file called "resultat" but when I run this script from a web page with php's shell_exec command (echo 'password for www-data user' | / usr/lib/cgi-bin/sudo -S global.sh bin/bash/") no output is generated.
该脚本具有执行权限。通常,脚本会将网络接口列表(eth0 eth1 wlan0)保存在名为“resultat”的文件中,但是当我使用php的shell_exec命令从网页运行此脚本时(echo-password for www-data user'| / usr) / lib / cgi-bin / sudo -S global.sh bin / bash /“)没有生成输出。
If I run the same script as user www-data in the terminal, the result file is correctly populated.
如果我在终端中运行与用户www-data相同的脚本,则会正确填充结果文件。
The script:
#!/bin/bash
##### paramères relatives au connexion à la base de données
HOST_BDD="localhost"
LOGIN="root"
PASSWD="password"
NOM_BDD="dbnessus"
##### ces requettes pour vider les tables avant de faire la detection
vider2="TRUNCATE machine_connecte"
echo $vider2 | /usr/bin/mysql -h $HOST_BDD
-u $LOGIN -p$PASSWD -s $NOM_BDD
vider1="TRUNCATE interfaces"
echo $vider1 | /usr/bin/mysql -h $HOST_BDD
-u $LOGIN -p$PASSWD -s $NOM_BDD
initialise="ALTER TABLE machine_connecte AUTO_INCREMENT=0"
echo $initialise | /usr/bin/mysql -h $HOST_BDD
-u $LOGIN -p$PASSWD -s $NOM_BDD
#######################################################
/usr/lib/cgi-bin/get_interface.sh > /usr/lib/cgi-bin/liste_interfaces
while read line;
do
ip=$(/usr/lib/cgi-bin/get_ip.sh $line)
mask=$(/usr/lib/cgi-bin/get_netmask.sh $line)
bcast=$(/usr/lib/cgi-bin/get_bcast.sh $line)
###fonction is_alive_ping
is_alive_ping()
{
ping -i 100 -c 1 $1 > /dev/null 2> /dev/null
[ $? -eq 0 ] && echo $i >>/usr/lib/cgi-bin/resultat
}
cat /dev/null >/usr/lib/cgi-bin/resultat;
#########
###division des octet d'adresse de broadcst
if [ "$ip" != "" ]
then
i1="$(echo $bcast |cut -d"." -f1)"
i2="$(echo $bcast |cut -d"." -f2)"
i3="$(echo $bcast |cut -d"." -f3)"
i4="$(echo $bcast |cut -d"." -f4)"
fi
### { HostID / NetworkID } / classe du réseau
##################### A.255.255.255 Classe A
if [ "$i2" == "255" ]
then
for i in "$i1".{1..254}.{1..254}.{1..254}
do
is_alive_ping $i & disown
done
fi
##################### A.B.255.255 Classe B
if [ "$i2" != "255" ] && [ "$i3" == "255" ]
then
for i in "$i1.$i2".{1..254}.{1..254}
do
is_alive_ping $i & disown
done
fi
##################### A.B.C.255 Classe C
if [ "$i2" != "255" ] && [ "$i3" != "255" ]&& [ "$i4" == "255" ]
then
for i in "$i1.$i2.$i3".{1..254}
do
is_alive_ping $i & disown
done
fi
################
while read ip_up;
do
hostname=$(/usr/bin/resolveip -s $ip_up 2>/dev/null)
if [ "$hostname" == "" ]
then
hostname="*"
fi
mac=$(/usr/sbin/arp -a $ip_up |cut -d" " -f4)
if [ "$ip_up" == "$ip" ]
then
mac=$(/sbin/ifconfig $line |grep 'HWaddr'|grep -v '127.0.0.1'|awk '{ print $5}')
fi
OS=$( /usr/bin/nmap -A $ip_up |grep "Service Info:" |awk '{print $4,$5}' )
if [ "$OS" == "Unix, Linux" ] || [ "$OS" == "Linux" ]
then
OS="Linux"
elif [ "$OS" == "Windows " ]
then
OS="Windows"
else
OS="*"
fi
#sql1="INSERT INTO dbnessus.interfaces (nom_interface)VALUES ('$line');"
sql1="INSERT IGNORE INTO dbnessus.interfaces (nom_interface)VALUES ('$line');"
sql2="INSERT INTO dbnessus.machine_connecte (idmachine ,ip_mach ,mask_mach,
nom_mach,mac_mach ,os_mach ,interfaces_nom_interface)VALUES ( NULL, '$ip_up',
'$mask', '$hostname', '$mac', '$OS', '$line');"
echo $sql1 | /usr/bin/mysql -h $HOST_BDD -u $LOGIN -p$PASSWD -s $NOM_BDD
echo $sql2 | /usr/bin/mysql -h $HOST_BDD -u $LOGIN -p$PASSWD -s $NOM_BDD
done < /usr/lib/cgi-bin/resultat
ip=""
done < /usr/lib/cgi-bin/liste_interfaces
echo "cbon"
1 个解决方案
#1
1
Several ideas:
- Check if
shell_execis inphp.ini'sdisabled_functions(php.ini: disabled_functions) - make sure PHP is not running in safe mode (php.ini:
safe_mode) - make sure php-fpm process (if using php-fpm) or https (if using apxs) works under sufficient privilege (to run the shell script and execute these commands in script) (in this case you can su to that user and see if you can run it from bash)
检查shell_exec是否在php.ini的disabled_functions中(php.ini:disabled_functions)
确保PHP没有以安全模式运行(php.ini:safe_mode)
确保php-fpm进程(如果使用php-fpm)或https(如果使用apxs)在足够的权限下工作(运行shell脚本并在脚本中执行这些命令)(在这种情况下,你可以su到该用户并查看是否你可以从bash运行它)
Sorry I am unable to think of more so far...
对不起,到目前为止,我无法想到更多......
#1
1
Several ideas:
- Check if
shell_execis inphp.ini'sdisabled_functions(php.ini: disabled_functions) - make sure PHP is not running in safe mode (php.ini:
safe_mode) - make sure php-fpm process (if using php-fpm) or https (if using apxs) works under sufficient privilege (to run the shell script and execute these commands in script) (in this case you can su to that user and see if you can run it from bash)
检查shell_exec是否在php.ini的disabled_functions中(php.ini:disabled_functions)
确保PHP没有以安全模式运行(php.ini:safe_mode)
确保php-fpm进程(如果使用php-fpm)或https(如果使用apxs)在足够的权限下工作(运行shell脚本并在脚本中执行这些命令)(在这种情况下,你可以su到该用户并查看是否你可以从bash运行它)
Sorry I am unable to think of more so far...
对不起,到目前为止,我无法想到更多......