Difference between revisions of "Php www-data program that creates a crontab and calls a C program that executes root commands to copy it into crontabs and install it"

Here's an example of a crontab that does something you can see in testcron.txt

#m h md m wd user command
* * * * * /bin/echo " siteNoHstilloobar $(date) " >> /usr/local/docs/testcron.txt

Stackoverflow had a prg to execute-root-commands-via-php So I could put commands in wrapper.c and they would execute with root permissions. This allowed me to replace the user:sitebuil crontab and install it. Did this and put wrapper.c and installCron (the compiled version) here

root@server1 sitebuil/scripts# gcc wrapper.c -o installCron

wrapper.c <syntaxhighlight>

1. include <stdlib.h>
2. include <sys/types.h>
3. include <unistd.h>

int main (int argc, char *argv[]) {setuid (0);

/* WARNING: Only use an absolute path to the script to execute,
 *          a malicious user might fool the binary and execute
 *          arbitary commands if not.
 * */
system ("cp /usr/local/docs/newSitebuilCron /var/spool/cron/crontabs/sitebuil");
system ("/usr/bin/crontab -u sitebuil /var/spool/cron/crontabs/sitebuil");
return 0;

} </syntaxhighlight> create a crontab file install it from webphp http://pathboston.com/zstill/wwwcron.php <syntaxhighlight> <?php //testfile to have ph create a newSitebuilCron file and replace /var/spool/cron/crontab/sitebuil $fp = fopen('/usr/local/docs/newSitebuilCron', 'w'); fwrite($fp, '#m h md wd user cmd'.PHP_EOL. '* * * * * /bin/echo " first line $(date) " >> /usr/local/docs/testcron.txt'.PHP_EOL. '* * * * * /bin/echo " second line $(date) " >> /usr/local/docs/testcron.txt'.PHP_EOL ); fclose($fp); echo 'it ran'; //wrapper.c compiled -> installCron prog that runs as anybody but executes root commands //copying usr/local/docs/newSitebuilCron to /var/spool/cron/crontab/sitebuil //and then installing the sitebuil crontab exec('/home/sitebuil/scripts/installCron'); ?> </syntaxhighlight>