Due to the limitations of the implementation of Web Server and PHP, it is difficult for us to use PHP to call some programs in Linux that require root permissions to execute in the real environment. To this, I found another way to bypass it from the Internet. this restriction. First, write a c program to transfer the system command, and then use PHP to execute the c program.
c program
First write a c file, such as /usr/local/ismole/w.c
<ol class="dp-c">
<li class="alt"><span><span class="comment">//note 由于wordpress编辑器的原因,请将此代码中头文件多余的空格去除 </span> </span></li>
<li><span><span class="preprocessor">#include < stdio.h> </span> </span></li>
<li class="alt"><span><span class="preprocessor">#include < stdlib.h> </span> </span></li>
<li><span><span class="preprocessor">#include < systypes.h> </span> </span></li>
<li class="alt"><span><span class="preprocessor">#include < unistd.h> </span><span> </span></span></li>
<li><span> </span></li>
<li class="alt">
<span class="keyword">int</span><span> main() </span>
</li>
<li><span>{ </span></li>
<li class="alt"><span> uid_t uid ,euid; </span></li>
<li><span> </span></li>
<li class="alt">
<span> </span><span class="comment">//note 获得当前的uid </span><span> </span>
</li>
<li><span> uid = getuid(); </span></li>
<li class="alt">
<span> </span><span class="comment">//note 获得当前euid </span><span> </span>
</li>
<li><span> euid = geteuid(); </span></li>
<li class="alt"><span> </span></li>
<li>
<span> </span><span class="comment">//note 交换这两个id </span><span> </span>
</li>
<li class="alt">
<span> </span><span class="keyword">if</span><span>(setreuid(euid, uid)) </span>
</li>
<li>
<span> perror(</span><span class="string">"setreuid"</span><span>); </span>
</li>
<li class="alt"><span> </span></li>
<li>
<span> </span><span class="comment">//note 执行将要执行linux系统命令 </span><span> </span>
</li>
<li class="alt">
<span> system(</span><span class="string">"/usr/bin/w"</span><span>); </span>
</li>
<li>
<span> </span><span class="keyword">return</span><span> 0; </span>
</li>
<li class="alt"><span>} </span></li>
</ol>//note Due to the WordPress editor, please remove the extra spaces from the header file in this code
Compile the file gcc -o ipt -Wall w.c, and the program w will be generated in the current directory.
Change the owner of this program chmod u+s ./w.
PHP execution
The content of the file is as follows. If placed in the web directory, the current server load will be output when accessed.
<ol class="dp-c">
<li class="alt"><span><span>< ?php </span></span></li>
<li>
<span class="comment">//note key的验证过程 </span><span> </span>
</li>
<li class="alt">
<span class="keyword">if</span><span>(</span><span class="vars">$key</span><span> != </span><span class="vars">$authkey</span><span>) { </span>
</li>
<li>
<span class="comment">// exit(key error); </span><span> </span>
</li>
<li class="alt"><span>} </span></li>
<li><span> </span></li>
<li class="alt">
<span class="vars">$last_line</span><span> = </span><span class="func">exec</span><span>(</span><span class="string">/usr/local/ismole/w</span><span>, </span><span class="vars">$retval</span><span>); </span>
</li>
<li><span> </span></li>
<li class="alt">
<span class="vars">$returnArray</span><span> = </span><span class="func">explode</span><span>(</span><span class="string">"load average: "</span><span>, </span><span class="vars">$retval</span><span>[0]); </span>
</li>
<li>
<span class="vars">$returnString</span><span> = </span><span class="vars">$returnArray</span><span>[1]; </span>
</li>
<li class="alt"><span> </span></li>
<li>
<span class="func">echo</span><span> </span><span class="vars">$returnString</span><span>; </span>
</li>
</ol>According to the above example, we can use PHP to do any Linux system commands we want to execute, SVN updates, server monitoring, backup, recovery, daily maintenance, etc. For example, "Using SVN to build a test server"
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
