search

phpipam / phpipam-agent

phpipam scan agent
90 stars 43 forks source link

PHP Warning: exec() has been disabled for security reasons in /functions/classes/class.Scan.php on line 325 #49

Closed anyunpu closed 5 years ago

anyunpu commented 5 years ago

I have a problem

My phpipam did not pingcheck on web.No matter what method I use it, ping or fping. ip01 ip02

And I Configuring crond , but it reported the error "PHP Warning: exec() has been disabled for security reasons in /usr/local/nginx/html/functions/classes/class.Scan.php on line 325". ip05

This is nginx error_log [root@phpipam scripts]# tail -f /usr/local/nginx/logs/error.log 2018/11/08 14:31:11 [error] 114822#0: 57 FastCGI sent in stderr: "PHP message: PHP Warning: exec() has been disabled for security reasons in /usr/local/nginx/html/app/subnets/scan/subnet-scan-icmp.php on line 22 PHP message: PHP Warning: array_filter() expects parameter 1 to be array, null given in /usr/local/nginx/html/app/subnets/scan/subnet-scan-icmp.php on line 25 PHP message: PHP Warning: array_values() expects parameter 1 to be array, null given in /usr/local/nginx/html/app/subnets/scan/subnet-scan-icmp.php on line 25" while reading response header from upstream, client: 53.48.2.153, server: localhost, request: "POST /app/subnets/scan/subnet-scan-execute.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.sock:", host: "53.48.23.6", referrer: "http://53.48.23.6/index.php?page=subnets&section=1&subnetId=7" 2018/11/08 14:31:13 [error] 114822#0: 57 FastCGI sent in stderr: "PHP message: PHP Warning: exec() has been disabled for security reasons in /usr/local/nginx/html/app/subnets/scan/subnet-scan-icmp.php on line 22 PHP message: PHP Warning: array_filter() expects parameter 1 to be array, null given in /usr/local/nginx/html/app/subnets/scan/subnet-scan-icmp.php on line 25 PHP message: PHP Warning: array_values() expects parameter 1 to be array, null given in /usr/local/nginx/html/app/subnets/scan/subnet-scan-icmp.php on line 25" while reading response header from upstream, client: 53.48.2.153, server: localhost, request: "POST /app/subnets/scan/subnet-scan-execute.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.sock:", host: "53.48.23.6", referrer: "http://53.48.23.6/index.php?page=subnets&section=1&subnetId=7" 2018/11/08 14:31:33 [error] 114822#0: 71 FastCGI sent in stderr: "PHP message: PHP Warning: exec() has been disabled for security reasons in /usr/local/nginx/html/app/subnets/scan/subnet-scan-icmp.php on line 22 PHP message: PHP Warning: array_filter() expects parameter 1 to be array, null given in /usr/local/nginx/html/app/subnets/scan/subnet-scan-icmp.php on line 25 PHP message: PHP Warning: array_values() expects parameter 1 to be array, null given in /usr/local/nginx/html/app/subnets/scan/subnet-scan-icmp.php on line 25" while reading response header from upstream, client: 53.48.2.153, server: localhost, request: "POST /app/subnets/scan/subnet-scan-execute.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.sock:", host: "53.48.23.6", referrer: "http://53.48.23.6/index.php?page=subnets&section=1&subnetId=7" 2018/11/08 14:31:37 [error] 114822#0: 69 open() "/usr/local/nginx/html/css/bootstrap/bootstrap-custom-dark.css.map" failed (2: No such file or directory), client: 53.48.2.153, server: localhost, request: "GET /css/bootstrap/bootstrap-custom-dark.css.map HTTP/1.1", host: "53.48.23.6"

My subnet is not all use,but phpipam view used all ,no free ip04

System environment Redhat7-nginx1.5-Mariadb10.3-php7.2

phpipam1.4.11

This is my php and nginx config php_nginx_config.zip

phpipam commented 5 years ago 
; This directive allows you to disable certain functions for security reasons.
; It receives a comma-delimited list of function names.
; http://php.net/disable-functions
disable_functions = passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server,escapeshellcmd,dll,popen,disk_free_space,checkdnsrr,checkdnsrr,getservbyname,getservbyport,disk_total_space,posix_ctermid,posix_get_last_error,posix_getcwd,posix_getegid,posix_geteuid,posix_getgid,posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid,posix_getppid,posix_getpwnam,posix_getpwuid,posix_getrlimit,posix_getsid,posix_getuid,posix_isatty,posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid,posix_setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_ttyname,posix_uname

Remove exec from disable_functions and restart php-fpm.

anyunpu commented 5 years ago 
; This directive allows you to disable certain functions for security reasons.
; It receives a comma-delimited list of function names.
; http://php.net/disable-functions
disable_functions = passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server,escapeshellcmd,dll,popen,disk_free_space,checkdnsrr,checkdnsrr,getservbyname,getservbyport,disk_total_space,posix_ctermid,posix_get_last_error,posix_getcwd,posix_getegid,posix_geteuid,posix_getgid,posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid,posix_getppid,posix_getpwnam,posix_getpwuid,posix_getrlimit,posix_getsid,posix_getuid,posix_isatty,posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid,posix_setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_ttyname,posix_uname

从disable_functions中删除exec并重启php-fpm。

Thank you, solved the problem that has been bothering me for a few weeks.