Re: System call

Greetings, Jerry Stuckle.
In reply to Your message dated Wednesday, June 25, 2008, 15:54:07,

when i tryed this
exec("C:\\Admin_Works\\Admin.bat");
it prints the two line form the admin.bat file
Read PHP manual about "exec" and other program execution functions.
If you do not have a "@" prepending lines in your bat file, or "echo off" as
first line, CMD will print out content of bat file. That's what you got.

exec() executes a program. A .bat file is not a program. You need to
either execute the command processor (cmd.exe) and pass your .bat
filename as a parameter, or use the system() function.
As I said many times already, please test before posting answers.
.bat files actually executable in Windows (special processing rule).
And it is what OP got - his bat file was executed by CMD and he got the .bat
file contents echoed back.

[C:\]$type exectest.php
<?php

$rc = exec('C:\exectest.bat');

echo "Result is >{$rc}<";

?>
[C:\]$type exectest.bat
@echo Testtestetst...

[C:\]$exectest.php
Result is >Testtestetst...<

[C:\]$



Believe me - I know how it works. I suspect I've working with it a hell
of a lot longer than you - I got one of the original IBM PC's with Dos
1.0 over 25 years ago.

It was your first PC? How young you are then?


I didn't say that, stoopid.

So, you're younger then? No surprize for me.
You're operating like 14-years young teenager, who has no luck with girls and
playing Big Dad in internet to support his own ego.
Glad to be wrong, but it's highly unlikely...

What you say is true - depending on what other options are set.

It just true, without any "depending"s...
Please TEST it.


No, it "depends" - on how you have your system configured. Someone else
with a differently configured system will not work the same way. Or is
that too hard for your limited intelligence to understand?

At least it does work for OP and me, so your big knowledge about system
configurations have no application here.

But he also indicated that was the ONLY output he got.

Then it was problem with his batch file or misunderstanging of the way the
exec function works.
But it has nothing to do with PHP itself.


So now you're backpedaling - saying that you're answer was full of ***?
Know what? You're RIGHT!

Sorry, what "backpedaling" means? My answer was as clear as possible with such
lack of info.

And .BAT files are executed ONLY if special rules are set.

As far as I know, they are set by default. At least, I haven't entered the
situation, when I can't "execute" .bat file from PHP.


AS FAR AS YOU KNOW.

Only God know everything. I'm not even close to his majesty. And you too.
Period.

But you've already shown you don't know a lot - repeatedly.
It would take less than 30 seconds and your system would not be able to
execute .bat files with the exec() function.

It takes less than 2 seconds and any system will not be able to execute even
..com files. Not to mention .exe ones.
We are speaking about working system or in some way castrated one?

And, in fact, that modification is recommended for secure systems so people
can't easily sneak in rogue .bat fails.

If you mean this one
http://www.windowsnetworking.com/kbase/WindowsTips/WindowsXP/RegistryTips/Commandshell/DisableWindows2000XPcommandpromtandexecutionofbatchfiles.html
I'm considering this the same way as disabling regedit and other tools -
malicious action that must be closely revieved and source of that action -
killed. (Preferable physically)
If I want real system security, I'm giving real rights to accounts, so they
will never be able to produce any effects that may destroy system stability.
Their own accounts they may shake and spin as long as they want. It's, at
last, their right - to have freedom in their own place.

system() ALWAYS can execute a .bat file.

So, as usual, you are showing your limited intelligence and experience,
because what you say is valid only under certain conditions.

My example ^^^ above. You showed nothing to prove your words.
Who is right? One who tested.



I don't need to prove anything to someone as stoopid as you are. And
even when I do, you dismiss them.

If you are so displeased, please meet your mirror and take a closer look at
it. I think your face will be the better medicine for your ego.
If you do not have anything to defend your position, other than isulting
speech - STFU. If you are ready for constructive conversation - you'll find me
here.

Secure your system properly and your "answer" will not work.

I have it secured properly. If you think my security is just a joke - come
here and break it.


--
Sincerely Yours, AnrDaemon <anrdaemon@xxxxxxxxxxx>

.

Loading