Difference between revisions of "Php www-data program that creates a crontab and calls a C program that executes root commands to copy it into crontabs and install it"
| (3 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
Here's an example of a crontab that does something | Here's an example of a crontab that does something every minute | ||
#m h md m wd user command | #m h md m wd user command | ||
* * * * * /bin/echo " siteNoHstilloobar $(date) " >> /usr/local/docs/testcron.txt | * * * * * /bin/echo " siteNoHstilloobar $(date) " >> /usr/local/docs/testcron.txt | ||
Stackoverflow had a prg to [http://stackoverflow.com/questions/8532304/execute-root-commands-via-php execute-root-commands-via-php] So I could put commands in wrapper.c and they would execute with root permissions. This allowed me to replace the user:sitebuil crontab and install it. Did this and put wrapper.c and installCron (the compiled version) here | you can see in testcron.txt and know its running from cron by seeing it in the log by running | ||
root@server1 ~# tail /var/log/syslog | |||
refp from Stackoverflow had a prg to [http://stackoverflow.com/questions/8532304/execute-root-commands-via-php execute-root-commands-via-php] So I could put commands in wrapper.c and they would execute with root permissions. This allowed me to replace the user:sitebuil crontab and install it. Did this and put wrapper.c and installCron (the compiled version) here | |||
root@server1 sitebuil/scripts# gcc wrapper.c -o installCron | root@server1 sitebuil/scripts# gcc wrapper.c -o installCron | ||
wrapper.c | wrapper.c | ||
<syntaxhighlight> | <syntaxhighlight lang="c"> | ||
#include <stdlib.h> | #include <stdlib.h> | ||
#include <sys/types.h> | #include <sys/types.h> | ||
| Line 22: | Line 25: | ||
} | } | ||
</syntaxhighlight> | </syntaxhighlight> | ||
create a crontab file | This create a crontab file and installs it from php www-data http://pathboston.com/zstill/wwwcron.php | ||
<syntaxhighlight> | <syntaxhighlight lang="php"> | ||
<?php | <?php | ||
//testfile to have ph create a newSitebuilCron file and replace /var/spool/cron/crontab/sitebuil | //testfile to have ph create a newSitebuilCron file and replace /var/spool/cron/crontab/sitebuil | ||
| Line 40: | Line 43: | ||
?> | ?> | ||
</syntaxhighlight> | </syntaxhighlight> | ||
This is a bit of what is in the testcron.txt file | |||
<pre> | |||
first line Sat Jan 5 15:09:01 EST 2013 | |||
second line Sat Jan 5 15:10:01 EST 2013 | |||
first line Sat Jan 5 15:10:01 EST 2013 | |||
second line Sat Jan 5 15:11:01 EST 2013 | |||
first line Sat Jan 5 15:11:01 EST 2013 | |||
second line Sat Jan 5 15:12:01 EST 2013 | |||
</pre> | |||
Latest revision as of 15:00, 31 December 2013
Here's an example of a crontab that does something every minute
#m h md m wd user command * * * * * /bin/echo " siteNoHstilloobar $(date) " >> /usr/local/docs/testcron.txt
you can see in testcron.txt and know its running from cron by seeing it in the log by running
root@server1 ~# tail /var/log/syslog
refp from Stackoverflow had a prg to execute-root-commands-via-php So I could put commands in wrapper.c and they would execute with root permissions. This allowed me to replace the user:sitebuil crontab and install it. Did this and put wrapper.c and installCron (the compiled version) here
root@server1 sitebuil/scripts# gcc wrapper.c -o installCron
wrapper.c <syntaxhighlight lang="c">
- include <stdlib.h>
- include <sys/types.h>
- include <unistd.h>
int main (int argc, char *argv[]) {setuid (0);
/* WARNING: Only use an absolute path to the script to execute,
* a malicious user might fool the binary and execute
* arbitary commands if not.
* */
system ("cp /usr/local/docs/newSitebuilCron /var/spool/cron/crontabs/sitebuil");
system ("/usr/bin/crontab -u sitebuil /var/spool/cron/crontabs/sitebuil");
return 0;
} </syntaxhighlight> This create a crontab file and installs it from php www-data http://pathboston.com/zstill/wwwcron.php <syntaxhighlight lang="php"> <?php //testfile to have ph create a newSitebuilCron file and replace /var/spool/cron/crontab/sitebuil $fp = fopen('/usr/local/docs/newSitebuilCron', 'w'); fwrite($fp, '#m h md wd user cmd'.PHP_EOL. '* * * * * /bin/echo " first line $(date) " >> /usr/local/docs/testcron.txt'.PHP_EOL. '* * * * * /bin/echo " second line $(date) " >> /usr/local/docs/testcron.txt'.PHP_EOL ); fclose($fp); echo 'it ran'; //wrapper.c compiled -> installCron prog that runs as anybody but executes root commands //copying usr/local/docs/newSitebuilCron to /var/spool/cron/crontab/sitebuil //and then installing the sitebuil crontab exec('/home/sitebuil/scripts/installCron'); ?> </syntaxhighlight> This is a bit of what is in the testcron.txt file
first line Sat Jan 5 15:09:01 EST 2013 second line Sat Jan 5 15:10:01 EST 2013 first line Sat Jan 5 15:10:01 EST 2013 second line Sat Jan 5 15:11:01 EST 2013 first line Sat Jan 5 15:11:01 EST 2013 second line Sat Jan 5 15:12:01 EST 2013
