Results 1 to 4 of 4

Thread: how make apache run nmap

  1. #1
    Senior Member
    Join Date
    Aug 2001
    Location
    Calgary, AB Canada
    Posts
    140

    how make apache run nmap

    Hey everyone,

    I am running Debian with apache.

    I have a perl cgi script that needs to run an nmap scan of a local network looking for port UDP 161 (SNMP enabled devices)

    Unfortunately apache doesn't have root priv's, so it can't run the nmap scan.

    Does anyone know how to fix this? It's part of a big project where we make an SNMP NMS in Perl. The interface has to be a website. Everything was going good until now

    Thanks!

    Dave
    Alcohol & calculus don't mix. Never drink & derive.

  2. #2
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    How about using sudo to allow the wwwrun user (or whatever user that running the script) to run nmap? (add the entry to the /etc/sudoers file)
    Last edited by phishphreek; November 17th, 2007 at 11:51 PM.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  3. #3
    Senior Member wolfman1984's Avatar
    Join Date
    Aug 2007
    Location
    fangtastic.org
    Posts
    191
    The Wolfman is having a similar problem. I'm trying to execute a shell script through Apache as root that will allow users on my server to skip songs in a shoutcast playlist. The script works from within my shell, but when I try to launch my script through Apache, it fails.

    Here is some information on a funky little PHP function called exec()

    http://ca3.php.net/function.exec

    You may want to create a shell script that will run nmap as follows:

    Code:
    sudo nmap
    Then create a php script that will execute the shell script.

    Will this actually work? The Wolfman does not know!
    I AM... THE WOLFMAN!!
    The Wolfman's Homepage: http://www.fangtastic.org
    Do you dig the Wolfman?? Sign his Ghoulbook or listen to him Howl

  4. #4
    Senior Member
    Join Date
    Aug 2001
    Location
    Calgary, AB Canada
    Posts
    140
    Thanks for the input!

    OK, well there was an issue with that too...

    when I ran the command in perl (something like this:

    system("sudo nmap -sU -P0 -p 161 ...etc etc")

    i'd get output in the /var/log/apache2/error.log saying 'password:'

    So I figure it was waiting for a password for input, none given, it gave up and spat out more errors.

    Now, what I did is this:

    #visudo

    I added a line at the end of the file like this:

    www-data ALL=(ALL) NOPASSWD: /usr/bin/nmap

    Now the user www-data can run nmap as root without needing to input a password.

    I tested it and it seems to be working ok.

    Now time to fix the rest of the issues coming up


    Thanks again for the input, it sure got me on the right track!
    Alcohol & calculus don't mix. Never drink & derive.

Similar Threads

  1. APACHE for Win32 with SSL support v 1.4
    By darius33 in forum The Security Tutorials Forum
    Replies: 4
    Last Post: June 30th, 2006, 07:09 AM
  2. Nmap 4.0
    By Irongeek in forum Security News
    Replies: 9
    Last Post: January 31st, 2006, 10:24 PM
  3. TCP/IP Fingerprinting via NMAP
    By agent.idle in forum AntiOnline's General Chit Chat
    Replies: 9
    Last Post: March 19th, 2004, 05:51 PM
  4. DoS Vulnerability - Apache 2.x
    By Maverick811 in forum Web Security
    Replies: 4
    Last Post: May 30th, 2003, 11:04 PM
  5. Configuring Apache
    By jethro in forum Other Tutorials Forum
    Replies: 2
    Last Post: July 2nd, 2002, 09:19 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •