如何让shell_exec在IIS 6.0上运行 [英] How to get shell_exec to run on IIS 6.0
问题描述
问题
我有一个使用 shell_exec 运行的PHP脚本一个pdf到文本转换器。为了简化问题,我创建了一个使用 shell_exec 的短脚本来回显 dir 命令的输出。
I have a PHP script that uses shell_exec to run a pdf-to-text converter. To simplify the problem I've created a short script that uses shell_exec to just echo the output of the dir command.
<?php
$cmd = 'C:\\WINDOWS\\system32\\cmd.exe /c ';
echo shell_exec($cmd.' dir');
?>
当我在我的Apache服务器上运行它时,一切都按预期工作。当我切换到IIS时,就好像线路被完全跳过:没有错误,没有输出,没有日志,没有任何东西。
When I run this on my Apache server, everything works as expected. When I switch to IIS, it's as though the line is skipped entirely: no errors, no output, no logs, no nothing.
不幸的是,我需要使用IIS因为我将根据活动目录验证我的用户。
Unfortunately, I need to use IIS because I'm going to authenticate my users against active directory.
这是我到目前为止所尝试的内容:
- 通过
cmd.exe / c发出命令,而不是直接发布 - 提供
阅读&对C:\ WINDOWS \ system32 \ cmd.exe - 给
阅读&执行对C:\ WINDOWS \ system32 \ cmd.exe的IUSR_MACHINENAME的权限 - 给
阅读&执行对C:\ WINDOWS \ system32 \ cmd.exe的Everyone的权限(不用担心,它没有保持这样长,哈哈) - 作为ASAPI模块运行PHP
- 这是我的标准配置
- Issue the command through
cmd.exe /crather than issuing it directly - Give
Read & Executepermission toSERVICEon "C:\WINDOWS\system32\cmd.exe" - Give
Read & Executepermission toNETWORK SERVICEon "C:\WINDOWS\system32\cmd.exe" - Give
Read & Executepermission toIUSR_MACHINENAMEon "C:\WINDOWS\system32\cmd.exe" - Give
Read & Executepermission toEveryoneon "C:\WINDOWS\system32\cmd.exe" (don't worry, it didn't stay like that for long, haha) - Run PHP as an ASAPI module
- This is my standard configuration
- 这不起作用,我收到一个错误:
CGI错误
指定的CGI应用程序由于未返回完整的HTTP标头集而行为不端。
- This does not work, I get an error:
CGI Error The specified CGI application misbehaved by not returning a complete set of HTTP headers.
非常感谢您查看这个问题,我现在正在解决问题
Thank you so much for looking at this question, I am now pulling my hair out with the problem
干杯,
IainCheers, Iain
更新1
I真的不想这样做,但作为一个停止差距,直到我找到一个正确的解决方案,我在Web服务器上运行Apache(运行shell_exec很好),我通过cURL调用我的apache脚本。这很难看,但它有效:)。
I really didn't want to do this, but as a stop gap until I find a proper solution I'm running Apache on the web server (which runs shell_exec fine) and I call my apache script via cURL. It's ugly, but it works :).
更新2
我开始认为这不是IIS或权限本身的问题,但可能是我们网络上的一些政策的结果 - 虽然我无法想象。来自字段左侧的任何想法?
I'm beginning to think this isn't so much an issue with IIS or permissions as such, but perhaps a result of some policy we have on our network - although I can't imagine what. Any ideas from left of field?
推荐答案
以下是一种更系统的方法来确定哪些用户需要被授予权限
Below is a more systematic way to determine which user needs to be granted permission
确认您在C中有以下可执行文件:\ WINDOWS \ SYSTEM34(或更一般%systemroot%\ system32)
Confirm that you have the following executables in C:\WINDOWS\SYSTEM32 (or more generically %systemroot%\system32)
cmd.exe whoami.exe检查这些可执行文件的当前ACL
Check the current ACL for these executables
c:\windows\system32> cacls cmd.exe c:\windows\system32> cacls whoami.exe如果用户Everyone未被授予读取(R)访问权限,则TEMPORARILY授予如下
If the user "Everyone" is not granted Read (R) access, then TEMPORARILY grant as follows
c:\windows\system32> cacls cmd.exe /E /G everyone:R c:\windows\system32> cacls whoami.exe /E /G everyone:R使用以下内容创建whoami.php
Create whoami.php with the following content
<?php $output = shell_exec("whoami"); echo "<pre>$output</pre>"; ?>在网络浏览器上加载whoami.php并记下显示的用户名,例如在我的情况下,它显示
Load whoami.php on a web browser and note the username displayed e.g. in my case it showed
ct29296 \\\ ndr \\ _template
ct29296\iusr_template
如果必须添加,撤销Everyone's的许可在上述步骤中
Revoke "Everyone's" permission if it had to be added in above steps
c:\windows\system32> cacls cmd.exe /E /R everyone c:\windows\system32> cacls whoami.exe /E /R everyone仅使用Read +授予步骤5中找到的用户名执行权限(R)到cmd.exe
Grant only the username found in step 5 with the Read+Execute permission (R) to cmd.exe
c:\windows\system32> cacls cmd.exe /E /G ct29296\iusr_template:R请记住使用正确的用户名你自己的系统。
Remember to use the correct username for your own system.
请参阅: http://www.myfaqbase.com/index.php?q=php+shell_exec&ul=0&show=f
这篇关于如何让shell_exec在IIS 6.0上运行的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
阅读&执行对C:\ WINDOWS \ system32 \ cmd.exe的 NETWORK SERVICE 的权限 