For a school project I want to try scanning websites for vulnerabilities, and show the responds on a page.
For this I am trying to use Uniscan.
I tried a lot of ways to get any responds but it isn't working out.
This is what I have right now:
<?php
echo '<pre>';
// Outputs all the result of shellcommand "ls", and returns
// the last output line into $last_line. Stores the return value
// of the shell command in $retval.
$last_line = system('perl uniscan.pl -u https://domain.nl/ -qweds;ls', $ret$
// Printing additional info
echo '</pre>
<hr />Last line of the output: ' . $last_line . '
<hr />Return value: ' . $retval;
?>
This is the responds, the only thing you see is the responds of the 'ls' command.
I hope someone can help me.
I think you have poorly copied the code from http://php.net/manual/en/function.system.php .
In addition to that your code has syntax errors. You passed $ret
to system but tried to print $retval
. Also the closing parenthesis is missing.
Try this:
$last_line = system('/usr/bin/perl uniscan.pl -u https://domain.nl/ -qweds', $retval);
Note that I have provided absolute path of perl interpreter.
The problem was that the www-data user didn't had rights to run that script.
So when I gave him right in the sudoers file like this:
www-data ALL = NOPASSWD: /var/www/html/Uniscan/uniscan.pl
everything works perfectly!
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.