cmd命令使用php功能拒绝访问 [英] Getting access is denied for cmd command using php function

问题描述

我在IIS 6下运行PHP。

当我使用任何PHP函数运行cmd命令（如 exec c $ c>或 system（）），它总是显示访问被拒绝。

ipconfig 显示相同的访问被拒绝错误。我已经给我的项目文件夹的所有权限，但它没有工作。

请让我知道任何人的原因。

<当使用 exec 执行一些命令时，该命令将使用运行IIS的用户帐户执行（这在IIS 6上通常是 IUSR_«机器名»），因此您的项目的权限与此无关。

您需要做的是让机会的权限 C：\Windows \System32\cmd.exe 并添加权限 IUSR_«机器名»。

除此之外，您可能需要使用CACLS来更改访问控制列表。在执行PHP的用户的以下命令中替换 IUSR_MachineName ，然后执行此命令：

  CACLS c：\windows\system32\cmd.exe / E / G IUSR_MachineName：F 
  

$ b b

如果您遇到错误并且无法更改ACL，则最后一个资源是先执行以下命令：

  takeown / F c：\windows\system32\cmd.exe 
  

需要为您尝试执行的命令设置正确的权限和ACL（例如 C：\Windows \System32\schtasks.exe ）

请注意：谨慎操作。如果你有一些漏洞，允许你的用户执行命令，它可以有讨厌的后果。

I am running PHP under IIS 6.

When I use any PHP function to run cmd commands (like exec() or system()), it always shows "Access is denied".

Even commands like ipconfig are showing same "access is denied" error. I have given all the permission to my project folder but it did not work.

Please let me know anyone the cause of it.

解决方案

When you execute some command using exec, that command will be executed with the user account that is running IIS (which tipically is IUSR_«machine-name» on IIS 6), so your project's permissions don't have nothing to do with this.

What you need to do is to chance the permissions of the file C:\Windows\System32\cmd.exe and add permissions for IUSR_«machine-name».

Besides this, you'll probably need to use CACLS to change the access control list. Replace IUSR_MachineName on the following command for the user executing PHP and then execute this command:

CACLS c:\windows\system32\cmd.exe /E /G IUSR_MachineName:F

If you get an error and can't change the ACL, your last resource is to execute the following command first:

takeown /F c:\windows\system32\cmd.exe

You also might need to set the correct permissions and ACL for the commands you're trying to execute (for eg C:\Windows\System32\schtasks.exe)

Note: Do this with caution though. If you have some vulnerability that allows your users to execute commands, it can have nasty consequences.

这篇关于cmd命令使用php功能拒绝访问的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！