how make apache run nmap
I am running Debian with apache.
I have a perl cgi script that needs to run an nmap scan of a local network looking for port UDP 161 (SNMP enabled devices)
Unfortunately apache doesn't have root priv's, so it can't run the nmap scan.
Does anyone know how to fix this? It's part of a big project where we make an SNMP NMS in Perl. The interface has to be a website. Everything was going good until now :)
How about using sudo to allow the wwwrun user (or whatever user that running the script) to run nmap? (add the entry to the /etc/sudoers file)
The Wolfman is having a similar problem. I'm trying to execute a shell script through Apache as root that will allow users on my server to skip songs in a shoutcast playlist. The script works from within my shell, but when I try to launch my script through Apache, it fails.
Here is some information on a funky little PHP function called exec()
You may want to create a shell script that will run nmap as follows:
Then create a php script that will execute the shell script.
Will this actually work? The Wolfman does not know!
Thanks for the input!
OK, well there was an issue with that too...
when I ran the command in perl (something like this:
system("sudo nmap -sU -P0 -p 161 ...etc etc")
i'd get output in the /var/log/apache2/error.log saying 'password:'
So I figure it was waiting for a password for input, none given, it gave up and spat out more errors.
Now, what I did is this:
I added a line at the end of the file like this:
www-data ALL=(ALL) NOPASSWD: /usr/bin/nmap
Now the user www-data can run nmap as root without needing to input a password.
I tested it and it seems to be working ok.
Now time to fix the rest of the issues coming up ;)
Thanks again for the input, it sure got me on the right track! :D