Running the p0f tool from PHP

Whether you are using Linux on the desktop or as a server, it's still good that you're using Linux. Linux related questions go here.

Moderator: General Moderators

Post Reply
james_cwy
Forum Newbie
Posts: 9
Joined: Sun Nov 09, 2003 10:10 pm

Running the p0f tool from PHP

Post by james_cwy »

I have tried using some of the codes that I know of but still I cannot get it to run.
I have a script located at
/root/UMThesis/p0f2003/p0f:
#!/bin/sh
#
# p0f startup script. p0f is a passive fingerprinting tool
#
#
# PURPOSE: To start the p0f process
# Add '-d' to command line for debug information

set -x

# Start p0f
./p0f > test.txt

When I run this shell script at the prompt, it will capture whatever data and pass it to test.txt.
And when I run the system monitor, I can see that p0f is running and when I check the /root/UMThesis/p0f2003/p0f, I see test.txt.

My question: Can I actually do the same thing through PHP? Meaning-I can actually run this program from a PHP page and p0f will run and show up in the network monitor and test.txt will be created?
I have tried exec and system but to no avail.
My main purpose here is instead of running p0f on the prompt I can run it using/through a webpage and then view the test.txt through a web page.
If this is possible, pls give an example on how to do it.
Thanks a million.Appreciate your help.
User avatar
infolock
DevNet Resident
Posts: 1708
Joined: Wed Sep 25, 2002 7:47 pm

Post by infolock »

shell_exec("[command]");

maybe be useful here. this way, you can get the actual output of whatever happens. Such as :

Code: Select all

<?php
$this = shell_exec("[command]");
  echo "<pre>$this</pre>";
?>
more information can be found here:
http://www.php.net/manual/en/function.shell-exec.php

hope that helps


Edit: you may also want to read up on [php_man]file[/php_man] as this lists some ways for you to read the file you are wanting. Over on the left are otherways to spit what data you read out into a table, or a database.
james_cwy
Forum Newbie
Posts: 9
Joined: Sun Nov 09, 2003 10:10 pm

Still cannot

Post by james_cwy »

I tried using this:
<?php
$output = shell_exec('/bin/sh /root/bin/start-p0f.sh');
echo "<pre>$output</pre>";
?>
but still did not work. p0f does not show up in the system monitor and when i use ps ax to view the services running, p0f does not show at all.

Normally, at prompt where p0f islocated, you type start-p0f.sh and p0f will start for you.
What I would like is to be able to start p0f using PHP rather than starting it using the prompt.
Is this possible?

Thanks
User avatar
infolock
DevNet Resident
Posts: 1708
Joined: Wed Sep 25, 2002 7:47 pm

Post by infolock »

well that's why i was trying to see if the shell_exec would work for you, as in order for you to start that app, you are gonna have to drop down to a console. [php_man]exec[/php_man] and [php_man]shell_exec[/php_man] do this, so i'm unsure why they are not working for you in this case. Give me 5 minutes and I should have a solution for that...
User avatar
infolock
DevNet Resident
Posts: 1708
Joined: Wed Sep 25, 2002 7:47 pm

Post by infolock »

er, try this while i'm looking, i want to see if it will work

you have :
$output = shell_exec('/bin/sh /root/bin/start-p0f.sh');

try just typing
exec("/bin/sh /root/bin/start-p0f.sh\n");


notice the \n, this tells it to press enter :P
Last edited by infolock on Tue Dec 16, 2003 1:17 am, edited 1 time in total.
User avatar
infolock
DevNet Resident
Posts: 1708
Joined: Wed Sep 25, 2002 7:47 pm

Post by infolock »

Ok, try this link :

http://www.php.net/manual/en/function.system.php

down near the bottom, there are a lot of responses to this type of issue. It's not an issue as in it can't be done, but they have given people alternative ways to execute commands. If that doesnt help, I might would just keep checking back here to see if anyone else has any pointers (i'm a windows user myself, but thought i would at least try to find the answer since i'm thinking about going to linux soon anyways... ) hope that helps.
james_cwy
Forum Newbie
Posts: 9
Joined: Sun Nov 09, 2003 10:10 pm

Not working

Post by james_cwy »

I tried
<?php
exec("/bin/sh /root/bin/start-p0f.sh\n");
?>

I will take a look at it
Thanks
User avatar
infolock
DevNet Resident
Posts: 1708
Joined: Wed Sep 25, 2002 7:47 pm

Post by infolock »

np, hope it works for you. til then, maybe someone else can shed some light on what we're missing here.
james_cwy
Forum Newbie
Posts: 9
Joined: Sun Nov 09, 2003 10:10 pm

Still cannot run??

Post by james_cwy »

I am going to put all the shell scripts into root/bin/ folder that I had created and this bin folder's permission is 755.
The script (start-p0f.sh) here is:
#!/bin/sh
#
# p0f startup script.
#
#
# PURPOSE: To start the p0f process
# Add '-d' to command line for debug information

set -x

# Start p0f
/root/UMThesis/p0f2003/p0f/p0f >
/root/UMThesis/output.txt
------------------------------------------------------------
**location-/root/UMThesis/p0f2003/p0f/p0f->p0f is located here
**saved to -/root/UMThesis/output.txt->redirect the output file to here

Permission for /root/UMThesis/ - 757 allowing others to write.
Permission for other folders in /root/UMThesis/-755

I am using this to run p0f://got this from the web
$stat=system('/bin/sh /root/bin/start-p0f.sh', $ret);
//will use /bin/sh to execute the script
echo $ret; //echoes return status of command (on 'Nix, 0 for success)
echo $stat; // echoes output of 'start-p0f.sh', if any

Once I got a return value of 1,0 and 127.
Which is the right one? What should I get?

Checking at /root/UMThesis/, the output.txt file is created but there is no content in it. Normally, when I run the script from prompt, there is output straight away because p0f will redirect the output to output.txt.What I want is to be able to redirect the output to output.txt and then use PHP to just view this txt file.
My main purpose here is instead of running p0f on the prompt I can run it using/through a webpage

I have tried running commands like 'ls' in system and it is OK. I now have my doubts whether system can run a shell script to actually start a program such as tcpdump or p0f and then redirecting it to a file.Any suggestions?

I really do not know what is wrong.
What am I doing wrong?

Hope you can help.Thanks a million
Thanks

-----------------------------------------------------------------------------------------------------------
In addition,
After doing lots of reading on different websites on how to execute scripts, I noticed one thing.
My shell script is different because it actually executes a program through it namely p0f. This can be done to any program say eg tcpdump.
When typed at the prompt-start-p0f.sh, this script will trigger p0f to run and redirect the output to a file

I have not come across shell scripts like mine that needs to be used. Most shell scripts contains linux/unix commands(ls,rm,etc..) and that works fine using system, shell_exec, exec, etc..

I have tried using ls and it works fine using the PHP given commands-system, shell_exec, exec, etc..

Now I have my doubts whether these functions can actually execute a script that executes a program such as p0f or even tcpdump.

Can someone enlighten me on this issue?
Is there another way to do what I would like to do?

I have tried all the ways that I can think of and yet I cannot resolve this issue still.

Please advise. Thank you so much.
jason
Site Admin
Posts: 1767
Joined: Thu Apr 18, 2002 3:14 pm
Location: Montreal, CA
Contact:

Post by jason »

Code: Select all

system("./whatever.sh &> /dev/null &");
This will run whatever.sh in the background so PHP doesn't have to wait for an answer. &> /dev/null directs the output to /dev/null (obviously) and the second & backgrounds the operation.
james_cwy
Forum Newbie
Posts: 9
Joined: Sun Nov 09, 2003 10:10 pm

Directory of shell scripts

Post by james_cwy »

Jason, thanks for the help.
Just want to ask:

When you suggested:
system("./whatever.sh &> /dev/null &");

What about specifying the directory of the shell script?

Would it be:

system ("/root/UMThesis/p0f/start-p0f.sh & > /dev/null &")

Have you actually tried this kind of command to start any programs like tcpdump or any other programs?

Thanks again
James
james_cwy
Forum Newbie
Posts: 9
Joined: Sun Nov 09, 2003 10:10 pm

Directing the output

Post by james_cwy »

Say I want to direct the p0f output to a text file.

Should I write this in the shell script or put it at the PHP code?

Pls advise.
THanks
James
james_cwy
Forum Newbie
Posts: 9
Joined: Sun Nov 09, 2003 10:10 pm

Does not run

Post by james_cwy »

I tried what you had said:
system("/root/bin/start-p0f.sh &> /dev/null &");

but when I did a ps aux | grep p0f at the terminal the p0f program was not run.

Any advise?

Thanks
James
james_cwy
Forum Newbie
Posts: 9
Joined: Sun Nov 09, 2003 10:10 pm

Exec () error

Post by james_cwy »

I have been trying to run p0f all this while and still am working on it.

I used this command:
exec('bash -c "exec nohup setsid /www/htdocs/main/testsystem/start-p0f.sh > /root/UMThesis/p0fout.txt 2>&1 &"');

Looked promising at first but I got this error and have no idea why it had happened.

+ p0f
p0f - passive os fingerprinting utility, version 2.0.3
(C) M. Zalewski <lcamtuf@dione.cc>, W. Stearns <wstearns@pobox.com>
[-] ERROR: pcap_open_live failed: socket: Operation not permitted

I have tried changing to nobody setting the special flags at all the files I think that I sould change but still get this error.

How do I solve this?
Hope someone can guide and advise me.

Thanks
James
Post Reply