Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: nmap from PHP script.
From: Vlatko Kosturjak <kost () linux hr>
Date: Tue, 15 Feb 2011 15:45:31 +0100

On 02/15/2011 03:12 PM, Daniel Cba. wrote:

hello people
when I run nmap from a php script finds 26 hosts 
$output = shell_exec('nmap -sP');
echo "<pre>$output</pre>";
Nmap done: 255 IP addresses (26 hosts up) scanned in 8.62 seconds

and from command line finds 104 host
#root>nmap -sP
Nmap done: 255 IP addresses (104 hosts up) scanned in 5.43 seconds

Seems like permission/user rights problem. PHP scripts usually run under
low-privilege user while in command line you're running as root.

Quick fix would be putting setuid on nmap: chmod +s nmap
But, you should be aware of security implications of that. Especially if
you're taking user input from web and forwarding it to nmap (with root
rights!!!). In short, it is security disaster waiting to happen (just
take look at --interactive option description!).

Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]