gnh1201/reasonableframework
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update exectool.php

Browse Source
This commit is contained in:
Namhyeon Go 2018-07-22 23:36:44 +09:00 committed by GitHub
parent 313d4d0598
commit 5e1879682b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 152 additions and 148 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

300
helper/exectool.php
View File

@ -7,163 +7,167 @@
*/
/*
exec_test() executes a command (like "whoami") with different
PHP functions in order to figure out which fuctions are supported
in the webserver configuration. The function execTests returns an array, which
contains names of all successful tested PHP functions.
*/
function exec_test() {
$cmd = "whoami";
$cmdPath = "/usr/bin/whoami";
$return = "";
$output = "";
$methodArray = array();
* exec_test() executes a command (like "whoami") with different
* PHP functions in order to figure out which fuctions are supported
* in the webserver configuration. The function execTests returns an array, which
* contains names of all successful tested PHP functions.
*/
if(!function_exists("exec_test")) {
function exec_test() {
$cmd = "whoami";
$cmdPath = "/usr/bin/whoami";
$return = "";
$output = "";
$methodArray = array();
// Testing system()
$return = ""; $output = "";
ob_start();
$output = system("$cmd 2>&1", $return);
ob_end_clean();
if (strlen($output) > 0 && $return == 0) {
$methodArray[] = "system";
}
// Testing system()
$return = ""; $output = "";
ob_start();
$output = system("$cmd 2>&1", $return);
ob_end_clean();
if (strlen($output) > 0 && $return == 0) {
$methodArray[] = "system";
}
// Testing exec()
$return = ""; $output = "";
exec($cmd, $output, $return);
if (strlen($output[0]) > 0 && $return == 0) {
$methodArray[] = "exec";
// Testing exec()
$return = ""; $output = "";
exec($cmd, $output, $return);
if (strlen($output[0]) > 0 && $return == 0) {
$methodArray[] = "exec";
}
// Testing shell_exec()
$return = ""; $output = "";
$output = shell_exec($cmd);
if (strlen($output) > 0) {
$methodArray[] = "shell_exec";
}
// Testing backticks
$return = ""; $output = "";
$output = `$cmd`;
if (strlen($output) > 0) {
$methodArray[] = "backticks";
}
// Testing passthru()
$return = ""; $output = "";
ob_start();
passthru($cmd, $return);
$output = ob_get_contents();
ob_end_clean();
if (strlen($output[0]) > 0 && $return == 0) {
$methodArray[] = "passthru";
}
// Testing popen()
$return = ""; $output = "";
$handle = popen($cmdPath, "r");
$output = fread($handle, 2096);
pclose($handle);
if (strlen($output) > 0) {
$methodArray[] = "popen";
}
// Testing proc_open()
$return = ""; $output = "";
$descriptorspec = array(
0 => array("pipe", "r"), // stdin is a pipe that the child will read from
1 => array("pipe", "w"), // stdout is a pipe that the child will write to
2 => array("file", "/tmp/error-output.txt", "a") // stderr is a file to write to
);
$cwd = '/tmp';
$env = array('some_option' => 'aeiou');
$process = proc_open($cmd, $descriptorspec, $pipes, $cwd, $env);
if (is_resource($process)) {
// $pipes now looks like this:
// 0 => writeable handle connected to child stdin
// 1 => readable handle connected to child stdout
// Any error output will be appended to /tmp/error-output.txt
$output = stream_get_contents($pipes[1]);
fclose($pipes[1]);
// It is important that you close any pipes before calling
// proc_close in order to avoid a deadlock
$return = proc_close($process);
}
if (strlen($output) > 0 && $return == 0) {
$methodArray[] = "proc_open";
}
return $methodArray;
}
// Testing shell_exec()
$return = ""; $output = "";
$output = shell_exec($cmd);
if (strlen($output) > 0) {
$methodArray[] = "shell_exec";
}
// Testing backticks
$return = ""; $output = "";
$output = `$cmd`;
if (strlen($output) > 0) {
$methodArray[] = "backticks";
}
// Testing passthru()
$return = ""; $output = "";
ob_start();
passthru($cmd, $return);
$output = ob_get_contents();
ob_end_clean();
if (strlen($output[0]) > 0 && $return == 0) {
$methodArray[] = "passthru";
}
// Testing popen()
$return = ""; $output = "";
$handle = popen($cmdPath, "r");
$output = fread($handle, 2096);
pclose($handle);
if (strlen($output) > 0) {
$methodArray[] = "popen";
}
// Testing proc_open()
$return = ""; $output = "";
$descriptorspec = array(
0 => array("pipe", "r"), // stdin is a pipe that the child will read from
1 => array("pipe", "w"), // stdout is a pipe that the child will write to
2 => array("file", "/tmp/error-output.txt", "a") // stderr is a file to write to
);
$cwd = '/tmp';
$env = array('some_option' => 'aeiou');
$process = proc_open($cmd, $descriptorspec, $pipes, $cwd, $env);
if (is_resource($process)) {
// $pipes now looks like this:
// 0 => writeable handle connected to child stdin
// 1 => readable handle connected to child stdout
// Any error output will be appended to /tmp/error-output.txt
$output = stream_get_contents($pipes[1]);
fclose($pipes[1]);
// It is important that you close any pipes before calling
// proc_close in order to avoid a deadlock
$return = proc_close($process);
}
if (strlen($output) > 0 && $return == 0) {
$methodArray[] = "proc_open";
}
return $methodArray;
}
/*
exec_command() executes a command (like "whoami") with the submited method
*/
function exec_command($command, $method) {
if ($method == "") {
* exec_command() executes a command (like "whoami") with the submited method
*/
if(!function_exists("exec_command")) {
function exec_command($command, $method) {
if ($method == "") {
// ob_start() will turn on output buffering to collect all output from
// exec_test() and ob_end_clean() will clean the buffer afterwards ("garbage collection")
ob_start();
$methodArray = exec_test();
ob_end_clean();
// ob_start() will turn on output buffering to collect all output from
// exec_test() and ob_end_clean() will clean the buffer afterwards ("garbage collection")
ob_start();
$methodArray = exec_test();
ob_end_clean();
if (is_array($methodArray)) {
$method = $methodArray[0];
}
else {
echo "[!] No method availabe";
exit;
}
}
switch ($method) {
case "system":
system("$command 2>&1");
break;
case "exec":
exec($command, $output);
var_dump($output);
break;
case "shell_exec":
echo shell_exec($command);
break;
case "backticks":
echo `$command`;
break;
case "passthru":
echo passthru($command);
break;
case "popen":
$handle = popen($command, "r");
echo fread($handle, 2096);
pclose($handle);
break;
case "proc_open":
$descriptorspec = array(
0 => array("pipe", "r"),
1 => array("pipe", "w"),
2 => array("file", "/tmp/error-output.txt", "a")
);
$cwd = '/tmp';
$env = array('some_option' => 'aeiou');
$process = proc_open($command, $descriptorspec, $pipes, $cwd, $env);
if (is_resource($process)) {
echo stream_get_contents($pipes[1]);
fclose($pipes[1]);
proc_close($process);
if (is_array($methodArray)) {
$method = $methodArray[0];
}
break;
else {
echo "[!] No method availabe";
exit;
}
}
default:
echo "[!] No method defined";
break;
switch ($method) {
case "system":
system("$command 2>&1");
break;
case "exec":
exec($command, $output);
var_dump($output);
break;
case "shell_exec":
echo shell_exec($command);
break;
case "backticks":
echo `$command`;
break;
case "passthru":
echo passthru($command);
break;
case "popen":
$handle = popen($command, "r");
echo fread($handle, 2096);
pclose($handle);
break;
case "proc_open":
$descriptorspec = array(
0 => array("pipe", "r"),
1 => array("pipe", "w"),
2 => array("file", "/tmp/error-output.txt", "a")
);
$cwd = '/tmp';
$env = array('some_option' => 'aeiou');
$process = proc_open($command, $descriptorspec, $pipes, $cwd, $env);
if (is_resource($process)) {
echo stream_get_contents($pipes[1]);
fclose($pipes[1]);
proc_close($process);
}
break;
default:
echo "[!] No method defined";
break;
}
}
}