gnh1201/reasonableframework
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update exectool.php

Browse Source
This commit is contained in:
Namhyeon Go 2018-07-22 23:36:44 +09:00 committed by GitHub
parent 313d4d0598
commit 5e1879682b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 152 additions and 148 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

300
helper/exectool.php
View File

@ -7,163 +7,167 @@
*/ */
/* /*
exec_test() executes a command (like "whoami") with different * exec_test() executes a command (like "whoami") with different
PHP functions in order to figure out which fuctions are supported * PHP functions in order to figure out which fuctions are supported
in the webserver configuration. The function execTests returns an array, which * in the webserver configuration. The function execTests returns an array, which
contains names of all successful tested PHP functions. * contains names of all successful tested PHP functions.
*/ */
function exec_test() { if(!function_exists("exec_test")) {
$cmd = "whoami"; function exec_test() {
$cmdPath = "/usr/bin/whoami"; $cmd = "whoami";
$return = ""; $cmdPath = "/usr/bin/whoami";
$output = ""; $return = "";
$methodArray = array(); $output = "";
$methodArray = array();
// Testing system() // Testing system()
$return = ""; $output = ""; $return = ""; $output = "";
ob_start(); ob_start();
$output = system("$cmd 2>&1", $return); $output = system("$cmd 2>&1", $return);
ob_end_clean(); ob_end_clean();
if (strlen($output) > 0 && $return == 0) { if (strlen($output) > 0 && $return == 0) {
$methodArray[] = "system"; $methodArray[] = "system";
} }
// Testing exec() // Testing exec()
$return = ""; $output = ""; $return = ""; $output = "";
exec($cmd, $output, $return); exec($cmd, $output, $return);
if (strlen($output[0]) > 0 && $return == 0) { if (strlen($output[0]) > 0 && $return == 0) {
$methodArray[] = "exec"; $methodArray[] = "exec";
}
// Testing shell_exec()
$return = ""; $output = "";
$output = shell_exec($cmd);
if (strlen($output) > 0) {
$methodArray[] = "shell_exec";
}
// Testing backticks
$return = ""; $output = "";
$output = `$cmd`;
if (strlen($output) > 0) {
$methodArray[] = "backticks";
}
// Testing passthru()
$return = ""; $output = "";
ob_start();
passthru($cmd, $return);
$output = ob_get_contents();
ob_end_clean();
if (strlen($output[0]) > 0 && $return == 0) {
$methodArray[] = "passthru";
}
// Testing popen()
$return = ""; $output = "";
$handle = popen($cmdPath, "r");
$output = fread($handle, 2096);
pclose($handle);
if (strlen($output) > 0) {
$methodArray[] = "popen";
}
// Testing proc_open()
$return = ""; $output = "";
$descriptorspec = array(
0 => array("pipe", "r"), // stdin is a pipe that the child will read from
1 => array("pipe", "w"), // stdout is a pipe that the child will write to
2 => array("file", "/tmp/error-output.txt", "a") // stderr is a file to write to
);
$cwd = '/tmp';
$env = array('some_option' => 'aeiou');
$process = proc_open($cmd, $descriptorspec, $pipes, $cwd, $env);
if (is_resource($process)) {
// $pipes now looks like this:
// 0 => writeable handle connected to child stdin
// 1 => readable handle connected to child stdout
// Any error output will be appended to /tmp/error-output.txt
$output = stream_get_contents($pipes[1]);
fclose($pipes[1]);
// It is important that you close any pipes before calling
// proc_close in order to avoid a deadlock
$return = proc_close($process);
}
if (strlen($output) > 0 && $return == 0) {
$methodArray[] = "proc_open";
}
return $methodArray;
} }
// Testing shell_exec()
$return = ""; $output = "";
$output = shell_exec($cmd);
if (strlen($output) > 0) {
$methodArray[] = "shell_exec";
}
// Testing backticks
$return = ""; $output = "";
$output = `$cmd`;
if (strlen($output) > 0) {
$methodArray[] = "backticks";
}
// Testing passthru()
$return = ""; $output = "";
ob_start();
passthru($cmd, $return);
$output = ob_get_contents();
ob_end_clean();
if (strlen($output[0]) > 0 && $return == 0) {
$methodArray[] = "passthru";
}
// Testing popen()
$return = ""; $output = "";
$handle = popen($cmdPath, "r");
$output = fread($handle, 2096);
pclose($handle);
if (strlen($output) > 0) {
$methodArray[] = "popen";
}
// Testing proc_open()
$return = ""; $output = "";
$descriptorspec = array(
0 => array("pipe", "r"), // stdin is a pipe that the child will read from
1 => array("pipe", "w"), // stdout is a pipe that the child will write to
2 => array("file", "/tmp/error-output.txt", "a") // stderr is a file to write to
);
$cwd = '/tmp';
$env = array('some_option' => 'aeiou');
$process = proc_open($cmd, $descriptorspec, $pipes, $cwd, $env);
if (is_resource($process)) {
// $pipes now looks like this:
// 0 => writeable handle connected to child stdin
// 1 => readable handle connected to child stdout
// Any error output will be appended to /tmp/error-output.txt
$output = stream_get_contents($pipes[1]);
fclose($pipes[1]);
// It is important that you close any pipes before calling
// proc_close in order to avoid a deadlock
$return = proc_close($process);
}
if (strlen($output) > 0 && $return == 0) {
$methodArray[] = "proc_open";
}
return $methodArray;
} }
/* /*
exec_command() executes a command (like "whoami") with the submited method * exec_command() executes a command (like "whoami") with the submited method
*/ */
function exec_command($command, $method) { if(!function_exists("exec_command")) {
if ($method == "") { function exec_command($command, $method) {
if ($method == "") {
// ob_start() will turn on output buffering to collect all output from // ob_start() will turn on output buffering to collect all output from
// exec_test() and ob_end_clean() will clean the buffer afterwards ("garbage collection") // exec_test() and ob_end_clean() will clean the buffer afterwards ("garbage collection")
ob_start(); ob_start();
$methodArray = exec_test(); $methodArray = exec_test();
ob_end_clean(); ob_end_clean();
if (is_array($methodArray)) { if (is_array($methodArray)) {
$method = $methodArray[0]; $method = $methodArray[0];
}
else {
echo "[!] No method availabe";
exit;
}
}
switch ($method) {
case "system":
system("$command 2>&1");
break;
case "exec":
exec($command, $output);
var_dump($output);
break;
case "shell_exec":
echo shell_exec($command);
break;
case "backticks":
echo `$command`;
break;
case "passthru":
echo passthru($command);
break;
case "popen":
$handle = popen($command, "r");
echo fread($handle, 2096);
pclose($handle);
break;
case "proc_open":
$descriptorspec = array(
0 => array("pipe", "r"),
1 => array("pipe", "w"),
2 => array("file", "/tmp/error-output.txt", "a")
);
$cwd = '/tmp';
$env = array('some_option' => 'aeiou');
$process = proc_open($command, $descriptorspec, $pipes, $cwd, $env);
if (is_resource($process)) {
echo stream_get_contents($pipes[1]);
fclose($pipes[1]);
proc_close($process);
} }
break; else {
echo "[!] No method availabe";
exit;
}
}
default: switch ($method) {
echo "[!] No method defined"; case "system":
break; system("$command 2>&1");
break;
case "exec":
exec($command, $output);
var_dump($output);
break;
case "shell_exec":
echo shell_exec($command);
break;
case "backticks":
echo `$command`;
break;
case "passthru":
echo passthru($command);
break;
case "popen":
$handle = popen($command, "r");
echo fread($handle, 2096);
pclose($handle);
break;
case "proc_open":
$descriptorspec = array(
0 => array("pipe", "r"),
1 => array("pipe", "w"),
2 => array("file", "/tmp/error-output.txt", "a")
);
$cwd = '/tmp';
$env = array('some_option' => 'aeiou');
$process = proc_open($command, $descriptorspec, $pipes, $cwd, $env);
if (is_resource($process)) {
echo stream_get_contents($pipes[1]);
fclose($pipes[1]);
proc_close($process);
}
break;
default:
echo "[!] No method defined";
break;
}
} }
} }