1

I have uploaded a simple PHP shell onto a server, but I get one of the following error messages when I am trying to execute a code:

Warning: shell_exec() Unable to execute 'ls' in .... on line 2

Warning: shell_exec() Unable to fork [ls] in ... on line

I think that there are some folder privileges that does not allow me to execute my code. How can I evade it?

Since that "open_basedir restriction in effect", is there a way to execute my shell?

Improve this question
8
  • 1
    Sounds like PHP is running under SElinux / AppArmor, which is preventing non-whitelisted forks from the Apache or PHP process. Commented Dec 31, 2016 at 11:28
  • Is there a way to evade it? Commented Dec 31, 2016 at 11:38
  • Unlikely, without access to the configuration information on the server. Commented Dec 31, 2016 at 14:01
  • @Polynomial, you could post that as an answer instead of a comment. Commented Dec 31, 2016 at 14:03
  • @Polynomial but, for example if I upload successful phpinfo() , I can get the information. Is it? Commented Dec 31, 2016 at 14:05

1 Answer 1

Reset to default
0

The PHP function shell_exec calls the fork system call to create a new process for ls. It seems that the call to fork is blocked by some security policy.

You can still execute any PHP code that doesn't use blocked system calls. So even though you can not run ls, you can still obtain a file listing by running something like this:

<?php
    print_r(glob('*'));
?>
Improve this answer
3
  • Thank you! For example, if I wanna see files and directories in a specified path, eg: C:\inetpub\sitesdata\ I need to use scandir, so it will be: ' <?php $dir = 'C:\inetpub\sitesdata\'; print_r(scandir($dir)); ?>' Commented Dec 31, 2016 at 15:06
  • Just tried, and not works because "open_basedir restriction in effect" Commented Dec 31, 2016 at 15:21
  • @Sjoed , supposing that I've a file in: C:\testfolder\test\user\test.php , how can I read this file without call fork? Commented Jan 3, 2017 at 18:41

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.