php执行root命令

一.确定php的sysem等函数可用

二.编写c程序,如ipt.c

#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

int main()
{
    uid_t uid ,euid;

    uid = getuid() ;
    euid = geteuid();

    if(setreuid(euid, uid))  //交换这两个id
        perror("setreuid");

    system("/sbin/iptables -nL --line-number"); //执行iptables -L命令
    return 0;
}

编译
gcc -o ipt -Wall ipt.c
赋予权限:
chmod u+s ipt

php调用:
system("/scripts/ipt",$retval);


三.携带参数
ipt_accept.c

#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

int main(int agrc,char* argv[])
{
    uid_t uid ,euid;

    uid = getuid() ;
    euid = geteuid();

    if(setreuid(euid, uid))  //交换这两个id
        perror("setreuid");


    char buf[500];
    sprintf(buf,"iptables -A INPUT -p tcp -s %s --dport 3306 -j ACCEPT",argv[1]);
    system(buf); //执行iptables -L命令
    return 0;
}


编译
gcc -o ipt_accept -Wall ipt_accept.c
赋予权限:
chmod u+s ipt_accept

php调用:
system("/scripts/ipt_accept " . $ip,$retval);