-2

I am trying to execute a shell script when loading a .php in a web-server, I've already been struggling with this for a while so I will ask for help.

What I've tried so far is to make a wrapper as explained in this post: Execute root commands via PHP

But I couldn't really get it to work making the wrapper execute a shell script, even when the script worked when being executed from the console with root privileges.

So the only solution I could found is to convert the shell code to a C code using "system ("") as using system(" ")

I don't really know if it's possible, what the shell script used to do is check the PID of the process running in the port 12321 and then kill it.

The shell script alone worked, so I am asking if anyone knows if it's possible to convert to C, here is the shell script I want to convert:

#!/bin/sh

pid=$(/bin/fuser -n tcp 12321 | /usr/bin/awk '{print $1}');
/bin/kill -9 $pid;

And here is the wrapper.c being used, that used to execute the code above called in my machine (testversion.sh), but I don't know why, isn't working.

#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

    int main (int argc, char *argv[]) {
        setuid (0);
        system ("/bin/bash /var/www/html/scrip/debugport/testversion.sh");
        return 0;
    }

As this doesn't seem to work, someone got a way of executing it all in the C code?

Community
  • 1
  • 1
JR1
  • 23
  • 7
  • 1
    Welcome to Stack Overflow. Please read the [About] page soon. Note that your question can legitimately be closed as 'off-topic' because _Questions seeking debugging help ("why isn't this code working?") must include the desired behavior, a specific problem or error and the shortest code necessary to reproduce it in the question itself. Questions without a clear problem statement are not useful to other readers._ Please see how to create an MCVE ([How to create a Minimal, Complete, and Verifiable Example?](http://stackoverflow.com/help/mcve)). – Jonathan Leffler Aug 08 '15 at 18:34
  • 2
    Note that since your `main()` ignores its arguments, you should define it as `int main(void)`. The `setuid(0);` will only do anything if the program is already running with root privileges; it is not clear that it is necessary. You ignore the status returned by `system()`. You've not explained it, but presumably the script you show using `fuser`, `awk` and `kill` is the script in your `/var/www/html/scrip/debugport/testversion.sh` file? And the use of `scrip` rather than `script` is deliberate? It seems odd that the shebang is `#!/bin/bash` but you expicitly run the command with `/bin/sh`. – Jonathan Leffler Aug 08 '15 at 18:38
  • "as executing a shell script doesn't seem to work"...doesn't work how? What errors are you getting? What problem are you actually trying to solve? How is your C code not working? – larsks Aug 08 '15 at 22:09
  • I improved the post trying to make clear what I am trying to do. – JR1 Aug 08 '15 at 22:45

1 Answers1

0

Try this. This code would only be able to kill a process owned by the same user unless run as root.

#include <stdio.h>
#include <stdlib.h>
#include <signal.h>
#include <errno.h>

#define PORT_TO_LOOK_FOR  "12321"
#define DO_NOT_KILL_BELOW  2 /* I am just putting 2 here, you can increase this */

int main(void) {

  FILE *fp;
  char buf[11] = {0};
  pid_t pid;

  /* Open the command for reading. */
  fp = popen("lsof -t -i tcp:" PORT_TO_LOOK_FOR, "r");
  if (fp == NULL) {
    printf("Could not run lsof.\n");
    exit(1);
  }
  else {
    fgets(buf, sizeof(buf)-1, fp);
    pclose(fp);

    pid = (pid_t)atoi(buf);
    if( pid < 1) {
      printf("Either no one is listening on port " 
        PORT_TO_LOOK_FOR " or u don't have the "
        "necessary permission.\n" );
      exit(1);
    }
    else if( pid < DO_NOT_KILL_BELOW ) {
      printf("The PID we got was not safe to kill.\n");
      exit(1);
    }

    if( kill(pid, SIGKILL) != 0 ) {
      perror("kill");
    }
  }

  return 0;
}
MiJo
  • 569
  • 5
  • 19
  • I can't thank you enough, this is brillitant, thanks! PD: Is great that someone helps instead of downvoting... – JR1 Aug 09 '15 at 09:53
  • And someone knows how could I convert this to C code? screen -S teamspeak -X stuff "stop " I am trying this: system ("/usr/bin/screen -S teamspeak -X stuff "stop ""); PD: It's important to have a ENTER after the stop so it works. – JR1 Aug 09 '15 at 14:47