Bug #27051 [Com]: Impersonation with FastCGI does not EXEC process as impersonated user

Wed, 24 Mar 2010 16:18:01 -0700 

Edit report at http://bugs.php.net/bug.php?id=27051&edit=1

 ID:               27051
 Comment by:       heer2351 at zonnet dot nl
 Reported by:      ghoffer at globalscape dot com
 Summary:          Impersonation with FastCGI does not EXEC process as
                   impersonated user
 Status:           Feedback
 Type:             Bug
 Package:          CGI related
 Operating System: Windows
 PHP Version:      5.3
 Assigned To:      pajoye

 New Comment:

Changed to your suggestion with \\, same error.



Changed to 5.2.13 ran my version and your version both echo the correct
username.


Previous Comments:
------------------------------------------------------------------------
[2010-03-25 00:13:31] heer2351 at zonnet dot nl

What I do not understand is that 5.2.13 works and 5.3.2 (or 5.3.3) does
not work with the same configuration.

------------------------------------------------------------------------
[2010-03-25 00:11:56] [email protected]

echo exec('c:\Windows\System32\whoami'); can't work.



echo exec('c:\\Windows\\System32\\whoami'); should work.

------------------------------------------------------------------------
[2010-03-25 00:09:56] heer2351 at zonnet dot nl

Box is behind a company firewall so you can unfortunately not access
it.

This is an intranet site.

------------------------------------------------------------------------
[2010-03-25 00:08:31] heer2351 at zonnet dot nl

This is what I ran:

<?php

echo exec('c:\Windows\System32\whoami');

?> 



ProcMon shows cmd.exe being started by php-cgi.exe

A thread is created running as the correct user.

Excecuted command is: cmd.exe /c "c:\Windows\System32\whoami"



I do notice that the process exits with Exit Status 5, which is normally
access denied.



I have however already tried to give Everyone full access to the whole
machine, i.e. all drives. Still the same error.

------------------------------------------------------------------------
[2010-03-25 00:04:10] [email protected]

btw, is it possible to access this box? I could try to debug what's
wrong there as it works just fine with the same constellation here (same
windows, IIS and fcgi versions).

------------------------------------------------------------------------


The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at

    http://bugs.php.net/bug.php?id=27051


-- 
Edit this bug report at http://bugs.php.net/bug.php?id=27051&edit=1

Reply via email to