mailing list archives
Re: nmap from PHP script.
From: Vlatko Kosturjak <kost () linux hr>
Date: Tue, 15 Feb 2011 15:45:31 +0100
On 02/15/2011 03:12 PM, Daniel Cba. wrote:
when I run nmap from a php script finds 26 hosts
$output = shell_exec('nmap -sP 10.101.154.1-255');
Nmap done: 255 IP addresses (26 hosts up) scanned in 8.62 seconds
and from command line finds 104 host
#root>nmap -sP 10.101.154.1-255
Nmap done: 255 IP addresses (104 hosts up) scanned in 5.43 seconds
Seems like permission/user rights problem. PHP scripts usually run under
low-privilege user while in command line you're running as root.
Quick fix would be putting setuid on nmap: chmod +s nmap
But, you should be aware of security implications of that. Especially if
you're taking user input from web and forwarding it to nmap (with root
rights!!!). In short, it is security disaster waiting to happen (just
take look at --interactive option description!).
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/