How to run a file with PHP?

Asked

Viewed 3,496 times

5

I wanted to know some code in PHP that makes me open a file .exe, or a line that makes a file run .exe from the same server.

php
  • 2

    there is the exec function, but hardly a shared hosting will leave this enabled under normal conditions. On a server that you manage, you can allow, but then an invasion via PHP compromises the whole server.

  • Bacco, when I refer to hosting is the local server(vertrigo) will it work there?

  • 1

    http://php.net/manual/en/function.exec.php

  • 2

    I don’t know specifics of your case. Theoretically, yes, but you need to test.

2 answers

9


As I had commented as soon as the question was posted, you can use the function exec():

exec( 'caminho/do/executavel', [array &$retorno], [ int &$status_erro ] );

This function works well on both Linux and Windows, since used with the correct paths, obviously.

It returns only the last line of the output. In a simple command like 'pwd', this function resolves without having to pass anything by reference. If you need a directory listing, for example, you already have to use the parameter &$retorno or for example the shell_exec() described further below.

If you want to take advantage of the executable output directly to the screen or to download from the client side, you have the passthru() (remember to set the correct headers in the application).

passthru( 'caminho/do/executavel', [ &$retorno ]);

The difference of the latter is that the data goes straight to the customer, without you having to give echo or any output function.

There is also the system(), to execute commands as if you were executing them directly on shell Linux, or Windows CMD:

system ( 'caminho/do/executavel', [ &$retorno ] );

To not lock the application while the executable runs, redirect the output to some stream or file (for example, caminho/do/executavel > /dev/null on Linux or > NIL on Windows)

Well remembered by @Ivanferrer, there is a "relative" of system(), which is the shell_exec();, that has a syntax difference that can help in some cases - the return of the function is the output of command:

$listagem_do_diretório = shell_exec( 'ls -la' );

I won’t go into detail, but it’s good to comment that there’s still popen() and the pcntl-exec() for some more specialized needs. More details can be seen in the manual.


Notes:

  • It’s good to remember that hosting server administrators usually disable these functions via PHP.ini, as an PHP hack would compromise the rest of the entire server.

  • The & in the above syntax examples it is only to indicate that the parameters are passed by reference. You should not type &$retorno in the actual code, only $retorno. In the same way, the [ ] are also syntax indication, and should not be understood literally. Do not put [ ] in the actual code.

  • Just to leave an example, if you want to block these edit functions in php.ini o disable_functions, example: disable_functions =exec,passthru,shell_exec,system,proc_open,popen

  • It’s just that I don’t know how your server works, but supposing php+apache runs in a specific user group (without root) then I think it would affect little, of course I don’t know if there are sploits depending on the version of the server system, apache and php. By way of doubt blocks rs.

  • @Guilhermenascimento is that if you do not restrict open_basedir, even if some attacker does not touch the machine, you will be able to see the structure of the filesystem enough to give a notion of the machine, and find other gaps. The Apache does run separately. By default there is a lot in linux that other users can read, even without changing, and restricting PHP costs about 2 minutes of work :).

2

Use the PHP function exec()!

exec( 'caminho/do/executavel.exe', &$resultado);
echo $resultado;

Remarks

  1. exec must be enabled
  • 1

    Thanks for the help

  • 1

    Why does the page only stop loading when the executable is open? How do I avoid this?

  • 2

    The method exec() also works for Linux, as long as it is enabled, but Linux has the shell_exec() who does the same thing.

  • 2

    I didn’t know that! I thought shell_exec() was for one and the exec() to another. Well, I’ll edit it then! What @Bacco said then is true, but without presenting solution becomes difficult to consider, right?! Thank you, Ivanferrer!!!

  • 2

    Just a hint don’t use the &$resultado this is discontinued out of function, use the &$variavel only in functions or class methods, otherwise it will issue warnings.

Browser other questions tagged php

You are not signed in. Login or sign up in order to post.