-
November 17th, 2007, 10:41 PM
#1
how make apache run nmap
Hey everyone,
I am running Debian with apache.
I have a perl cgi script that needs to run an nmap scan of a local network looking for port UDP 161 (SNMP enabled devices)
Unfortunately apache doesn't have root priv's, so it can't run the nmap scan.
Does anyone know how to fix this? It's part of a big project where we make an SNMP NMS in Perl. The interface has to be a website. Everything was going good until now
Thanks!
Dave
Alcohol & calculus don't mix. Never drink & derive.
-
November 17th, 2007, 11:32 PM
#2
How about using sudo to allow the wwwrun user (or whatever user that running the script) to run nmap? (add the entry to the /etc/sudoers file)
Last edited by phishphreek; November 17th, 2007 at 11:51 PM.
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
November 18th, 2007, 01:57 AM
#3
The Wolfman is having a similar problem. I'm trying to execute a shell script through Apache as root that will allow users on my server to skip songs in a shoutcast playlist. The script works from within my shell, but when I try to launch my script through Apache, it fails.
Here is some information on a funky little PHP function called exec()
http://ca3.php.net/function.exec
You may want to create a shell script that will run nmap as follows:
Then create a php script that will execute the shell script.
Will this actually work? The Wolfman does not know!
-
November 18th, 2007, 02:44 AM
#4
Thanks for the input!
OK, well there was an issue with that too...
when I ran the command in perl (something like this:
system("sudo nmap -sU -P0 -p 161 ...etc etc")
i'd get output in the /var/log/apache2/error.log saying 'password:'
So I figure it was waiting for a password for input, none given, it gave up and spat out more errors.
Now, what I did is this:
#visudo
I added a line at the end of the file like this:
www-data ALL=(ALL) NOPASSWD: /usr/bin/nmap
Now the user www-data can run nmap as root without needing to input a password.
I tested it and it seems to be working ok.
Now time to fix the rest of the issues coming up
Thanks again for the input, it sure got me on the right track!
Alcohol & calculus don't mix. Never drink & derive.
Similar Threads
-
By darius33 in forum The Security Tutorials Forum
Replies: 4
Last Post: June 30th, 2006, 07:09 AM
-
By Irongeek in forum Security News
Replies: 9
Last Post: January 31st, 2006, 10:24 PM
-
By agent.idle in forum AntiOnline's General Chit Chat
Replies: 9
Last Post: March 19th, 2004, 05:51 PM
-
By Maverick811 in forum Web Security
Replies: 4
Last Post: May 30th, 2003, 11:04 PM
-
By jethro in forum Other Tutorials Forum
Replies: 2
Last Post: July 2nd, 2002, 09:19 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|