0

After hours and hours of trying and searching for an answer i coudn't get it working.

Hosting details:

Windows Server 2012 R2

Plesk 12

IIS 8.5

The problem

My problem is: I want to execute this command in PHP. The command is necessary to reload the configs for filezilla, after creating a new user with an PHP script.

C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe /reload-config

It does work when i try it directly in CMD. But in PHP if doens't somehow work. I tried so many things, that im going to try to give you all the manners i tried.

I tried to do this at the following ways:

Trial 1

$command = '"C:\\Program Files (x86)\\FileZilla Server\\FileZilla Server.exe" /reload-config'; 
exec( $command, $output, $return); 

print_r($output);
echo '<br/>' .$return;

Output:

Array ( ) 
0

Trial 2

$command = '"C:\\Program Files (x86)\\FileZilla Server\\FileZilla Server.exe" /reload-config'; 
system( $command, $output); 

print_r($output);

Output: 0

Trial 3

$command = 'C:\\"Program Files (x86)\\FileZilla Server\\FileZilla Server.exe" /reload-config'; 
exec( $command, $output, $return); 

print_r($output);
echo '<br/>' .$return;

Output: 0

Trial 4 (The only one that returns an error!)

exec( 'C:\\"Program Files (x86)\\FileZilla Server\\FileZilla Server.exe" /stop 2>&1', $output); 
print_r($output);

Output:

Array ( [0] => Toegang geweigerd. )

In english:

Array ( [0] => Access denied. )

Privileges:

In allmost all awnsers found they talked about privileges. I did following privileges:

Gave all web users and IUSR privileges to CMD.exe and FileZilla Server.exe, and tried to set the IIS authentication from anonymous to an Administrator account

Somebody said to try this:

echo '<pre>';
    system('set', $retval);
echo ' </pre>';

If i do that my output is: http://pastebin.com/SjzeQpJ0

If you guys want anymore details just ask. I hope you guys can figure it out for me. I tried to be as clear as possible. Thanks.

Finaly found the solution!!

If you encounter the same problem as i did, and you dont know how to fix this, follow this steps.
  1. Login to the Remote of your server (if you have access to it) Open
  2. Open the IIS manager
  3. Select -> Application Pools node underneath the machine node (left panel)
  4. Right click on the desired domainname -> Advanced settings
  5. Scroll to Process Model -> Id
  6. Click on the 3 dots
  7. Check the Custom Account radio button
  8. Fill in an existing administration account which has access to the remote desktop and of course its password
  9. Press OK
  10. Now go to the .exe or whatever file you want to access throught the exec command and
  11. Right click on the file and select properties
  12. Go to the security tab
  13. Select Edit
  14. Now grand full rights to the account you selected before. If its not listed than add it manualy by clicking on Add

If you have done all of this, it now should work.

Red
  • 6,599
  • 9
  • 43
  • 85
  • I am not very familiar with on how Windows verifies privileges, but shouldn't you focus on the user that runs the php interpreter, to allow for command executions rather then the registered users on filezilla server? – Xorifelse Aug 31 '16 at 03:31
  • have you checked the `php.ini` to see if exec is a disabled command. http://www.cyberciti.biz/faq/linux-unix-apache-lighttpd-phpini-disable-functions/ – Perspective Aug 31 '16 at 03:37
  • Yes, i did, it is enabled – Red Aug 31 '16 at 03:38
  • If you do `var_dump` or `echo` what user do you get for `get_current_user` and does that user have execution permissions on the server for that application or path. http://php.net/manual/en/function.get-current-user.php – Perspective Aug 31 '16 at 03:39
  • it shows me this IWPD_21(photobash) – Red Aug 31 '16 at 03:42
  • Check the permissions or privileges of filezilla server and check for that users settings – Perspective Aug 31 '16 at 03:46
  • Allready did, mentioned in my question – Red Aug 31 '16 at 03:48
  • Thank you guys for trying to help me out with this. After seriously searching 12 hours to fix this, i finaly found the solution. Its easier than ive ever expected. Atleast my quest was not for nothing ;) – Red Aug 31 '16 at 10:17

3 Answers3

1

Finaly found the solution!!

If you encounter the same problem as i did, and you dont know how to fix this, follow this steps.
  1. Login to the Remote of your server (if you have access to it)
  2. Open the IIS manager
  3. Select -> Application Pools node underneath the machine node (left panel)
  4. Right click on the desired domainname -> Advanced settings
  5. Scroll to Process Model -> Identity
  6. Click on the 3 dots
  7. Check the Custom Account radio button
  8. Fill in an existing administration account which has access to the remote desktop and of course its password
  9. Press OK
  10. Now go to the .exe or whatever file you want to access throught the exec command and
  11. Right click on the file and select properties
  12. Go to the security tab
  13. Select Edit
  14. Now grand full rights to the account you selected before. If its not listed than add it manualy by clicking on Add

If you have done all of this, it now should work.

user889030
  • 4,353
  • 3
  • 48
  • 51
Red
  • 6,599
  • 9
  • 43
  • 85
  • Even though I'm not doing all the same as you did, your answer definitely inspired me the direction of my solution. My issue is all about the permission setting of the Application Pool. Thank you. and another reference for anyone interests: https://stackoverflow.com/questions/7334216/iis7-permissions-overview-applicationpoolidentity – early Apr 23 '20 at 13:35
  • can u update ur answer for IIS 10.0 because there is no : Scroll to Process Model -> Id – user889030 Jun 26 '20 at 17:17
  • @Red ya i added Administrator account but still cant lunch exe also the Administrator account have permission of all exe – user889030 Jun 29 '20 at 11:45
  • Can you explain step 8? What existing administrator account? Where can I see it? – Matthias Müller Oct 14 '21 at 22:10
0

There is a much safer way to do this I figured out by using the above and exploring some. All you need to do is enable "Load User Profile" and it will then have all the normal user permissions assigned by a regular user. Just got it working like this instead of giving administrative access:

  1. Login to the Remote of your server (if you have access to it)
  2. Open the IIS manager
  3. Select -> Application Pools node underneath the machine node (left panel)
  4. Right click on the desired domainname -> Advanced settings
  5. Scroll to Process Model -> Id
  6. Set Load User Profile = True

and working! specifically fixed Windows 2012 R2

Amb3rL4nn
  • 83
  • 10
0
  1. Go to IIS
  2. Click on Application Pool
  3. Select the application pool -> Advance Settings
  4. Under Popup -> Process Model -> Set Load User Profile to TRUE
  5. And -> Process Model -> Identity -> Local System
  6. This will act as a current user

Note: If current has high privileges over system, This will be high risk.

phpnerd
  • 850
  • 1
  • 10
  • 25