shell_exec not working with nmap command

Question

I got a problem with the shell_exec php function, here is a example code:

$output = shell_exec('nmap -PS80 -n -oG - --send-ip 11.11.11.11');

if ( $output )
{
     echo "Output found...";
}
else
{
     var_dump( $output );
}

It does return: NULL, but when I change the shell_exec command to the following:

$output = shell_exec('echo 1');

then the output is: Output found... so its working properly, and there is no problems with permissions or safe mode (which is off , by the way).

It is having a problems with execute the nmap command. I've check that command in the shell command line in putty and its working properly:

# nmap -PS80 -n -oG - --send-ip 11.11.11.11
# Nmap 5.61TEST2 scan initiated Tue Feb 28 13:55:41 2012 as: nmap -PS80 -n -oG - --send-ip 11.11.11.11
# Nmap done at Tue Feb 28 13:55:43 2012 -- 1 IP address (0 hosts up) scanned in 0.04 seconds

So where is the problem?

Electronick · Accepted Answer · 2012-02-28T14:17:45.997

4

Try to specify full path to nmap like /usr/local/bin/nmap. PHP might not know about nmap location. Enjoy!

edited Feb 28 '12 at 14:17

answered Feb 28 '12 at 14:02

Electronick

1,122
8
15

PHP is just executing the `shell_exec` function, so there is nothing related to the nmap location, same as `echo` - do I have to specify full path to the `echo` ? I dont think so =/ – Cyclone Feb 28 '12 at 14:07
because you don't understand how nmap registered in your shell. Look @ http://stackoverflow.com/questions/9401824/exec-command-doesnt-work-as-expected/9401924#9401924 – Electronick Feb 28 '12 at 14:09
Wtf, it worked while I replaced `nmap [..]` with the `/usr/local/bin/nmap` (where the nmap executable is located). Thank you! Could you edit your answer a bit, so I can rate up you answer, since I've down rated it, and now I feel so stupid - sorry. – Cyclone Feb 28 '12 at 14:14

score 2 · Answer 2 · answered Feb 28 '12 at 13:59

2

You might want to resort to exec() instead, which gives you greater error diagnostics:

// Capture outout from STDERR as well
$command = "nmap ... 2>&1";

exec($command, $output, $return_var);

// If return code is not zero, the command failed
if ($return_var != 0) 
{
    // dump all output, including error messages
    var_dump($output);
}

answered Feb 28 '12 at 13:59

Linus Kleen

33,871
11
91
99

It does return: `array(0) { } array(0) { }`. – Cyclone Feb 28 '12 at 14:10

shell_exec not working with nmap command

2 Answers2

Linked