|
在PHP中執(zhí)行shell_exex("super mkdir dir"); super 原文件如下: #include <stdio.h> #include <stdlib.h> #include <string.h> #include <sys/types.h> #include <unistd.h> /*本工具是為PHP調(diào)用linux外部命令而寫. *其原理是首先為apatch設(shè)置root權(quán)限,, *接著調(diào)用system執(zhí)行命令行參數(shù),, *最后返回命令行結(jié)果值 */ int main(int argc, char* argv[]) { uid_t uid ,euid; char cmd[2048]={0}; int i,ret=0; FILE * fp; uid = getuid() ; euid = geteuid(); //printf("my uid :%u/n",getuid()); //這里顯示的是當(dāng)前的uid 可以注釋掉. //printf("my euid :%u/n",geteuid()); //這里顯示的是當(dāng)前的euid setreuid(euid, uid); //交換這兩個(gè)id //printf("after setreuid uid :%u/n",getuid()); //printf("afer sertreuid euid :%u/n",geteuid()); for(i=1;i<argc;i++) { strcat(cmd,argv[i]); strcat(cmd," "); } strcat(cmd,";echo $? > /tmp/system.return"); system(cmd); fp=fopen("/tmp/system.return","r"); if(fp) { fscanf(fp,"%d",&ret); fclose(fp); } return ret; }
編譯加上權(quán)限 chmod u+s super |
|
|
