PHP-`shell\u exec`不使用NMap(Windows服务器)
我一直在试图弄明白为什么我不能让NMap给我任何类型的输出,甚至不能通过PHP来解决这个问题 到目前为止我已经尝试过的事情:PHP-`shell\u exec`不使用NMap(Windows服务器),php,shell-exec,nmap,Php,Shell Exec,Nmap,我一直在试图弄明白为什么我不能让NMap给我任何类型的输出,甚至不能通过PHP来解决这个问题 到目前为止我已经尝试过的事情: // this doesn't return anything because it's wrong $output = passthru('nmap -V'); echo $output; // this returns a negated integer value passthru('nmap -V', $output); echo $output; // th
// this doesn't return anything because it's wrong
$output = passthru('nmap -V');
echo $output;
// this returns a negated integer value
passthru('nmap -V', $output);
echo $output;
// this doesn't return anything either
$stream = popen('C:\nmap -V', 'r');
while (!feof($stream))
{
$buffer = fread($stream, 1024);
echo $buffer;
}
pclose($stream);
// this doesn't do anything as well
$output = system('C:\nmap -V');
echo $output;
// this does nothing also...
ob_start(); // start output buffering
fpassthru('C:\nmap -V'); // flush COMPLETE output of nmap
$output = ob_get_contents(); // capture output buffer contents
ob_end_clean(); // shutdown output buffers
echo $output; // echo it
//好的,我们试试“proc_open()”怎么样?
//不,这也不行。我只得到一个值“command returned-1073741515”
$descriptorspec=数组(
0=>array(“pipe”,“r”),//stdin是子级将从中读取的管道
1=>array(“pipe”,“w”),//stdout是子级将写入的管道
2=>array(“file”、“errors/errors.txt”、“a”)///stderr是一个要写入的文件
);
$cwd=‘错误’;
$env=array('some_option'=>'aeiou');
$process=proc_open('C:/nmap-V',$descriptorspec,$pipes,$cwd,$env);
如果(是_资源($process))
{
//$pipes现在看起来如下所示:
//0=>连接到子标准的可写句柄
//1=>连接到子标准输出的可读句柄
//任何错误输出都将附加到/errors/errors.txt
fwrite($pipes[0],'');
fclose($pipes[0]);
回波流获取内容($pipes[1]);
fclose($pipes[1]);
//在呼叫之前关闭所有管道非常重要
//程序关闭以避免死锁
$return\u value=proc\u close($process);
echo“命令返回$return\u值\n”;
}
还有很多其他的,但是我从$output
中得到的绝对没有。我也做了很多谷歌搜索,但我还是搞不懂。许多例子似乎也适用于Linux,但这并没有帮助
谢谢。好的,我用这段代码得到一个输出。我将继续编码并完成程序的其余部分。感谢“Chris Haas”在使用中提出的建议 注意:包含“errors.txt”文件的目录必须具有“IIS\U IUSRS”写入权限。如果有疑问,请查看PHP错误日志
$descriptorSpec = array(
0 => array("pipe", "r"), // stdin is a pipe that the child will read from
1 => array("pipe", "w"), // stdout is a pipe that the child will write to
2 => array("file", "errors/errors.txt", "a") // stderr is a file to write to
);
$env = array('bypass_shell' => true);
$process = proc_open("NMAP.EXE -V", $descriptorSpec, $pipes, "C:\\Program Files (x86)\\NMap", $env);
if (is_resource($process))
{
// '$pipes' now looks like this:
// 0 => writeable handle connected to child stdin
// 1 => readable handle connected to child stdout
fwrite($pipes[0], '<?php print_r($_ENV); ?>');
fclose($pipes[0]);
echo stream_get_contents($pipes[1]);
fclose($pipes[1]);
// it is important that you close any pipes before calling
// proc_close in order to avoid a deadlock
$return_value = proc_close($process);
echo "<br /><br />Command Returned: $return_value\n";
}
$descriptorSpec=数组(
0=>array(“pipe”,“r”),//stdin是子级将从中读取的管道
1=>array(“pipe”,“w”),//stdout是子级将写入的管道
2=>array(“file”、“errors/errors.txt”、“a”)///stderr是一个要写入的文件
);
$env=array('bypass_shell'=>true);
$process=proc_open(“NMAP.EXE-V”,$descriptorSpec,$pipes,”,C:\\Program Files(x86)\\NMAP“,$env);
如果(是_资源($process))
{
//“$pipes”现在看起来如下所示:
//0=>连接到子标准的可写句柄
//1=>连接到子标准输出的可读句柄
fwrite($pipes[0],'');
fclose($pipes[0]);
回波流获取内容($pipes[1]);
fclose($pipes[1]);
//在呼叫之前关闭所有管道非常重要
//程序关闭以避免死锁
$return\u value=proc\u close($process);
echo“
返回的命令:$return\u value\n”;
}
Nmap版本7.91()平台:
i686 pc windows windows编译:nmap-liblua-5.3.5
openssl-1.1.1h nmap-libssh2-1.9.0 nmap-libz-1.2.11 nmap-libpcre-7.6
Npcap-1.00 nmap-libdnet-1.12 ipv6编译时没有:可用nsock
引擎:iocp轮询选择
返回的命令:0
我建议重新阅读,因为该函数在任何情况下都不会返回任何数据。好的,我们可以划掉
passthru
。这是否回答了您的问题shell_exec()
也不一定返回任何内容。@esqew,不。这也不起作用,我在谷歌搜索中已经找到了。
$descriptorSpec = array(
0 => array("pipe", "r"), // stdin is a pipe that the child will read from
1 => array("pipe", "w"), // stdout is a pipe that the child will write to
2 => array("file", "errors/errors.txt", "a") // stderr is a file to write to
);
$env = array('bypass_shell' => true);
$process = proc_open("NMAP.EXE -V", $descriptorSpec, $pipes, "C:\\Program Files (x86)\\NMap", $env);
if (is_resource($process))
{
// '$pipes' now looks like this:
// 0 => writeable handle connected to child stdin
// 1 => readable handle connected to child stdout
fwrite($pipes[0], '<?php print_r($_ENV); ?>');
fclose($pipes[0]);
echo stream_get_contents($pipes[1]);
fclose($pipes[1]);
// it is important that you close any pipes before calling
// proc_close in order to avoid a deadlock
$return_value = proc_close($process);
echo "<br /><br />Command Returned: $return_value\n";
}