Search code examples
phpiisshell-exec

PHP Warning: shell_exec(): unable to execute '[command]'


background: I have a PHP script which calls shell_exec. For the moment i just want to test that it works and am running a basic command through it. Separate copies of the same script exist in two separate webapps on the same server. Both apps' anonymous authentication are set to IUSR.

Here is the example code:

$output = shell_exec('dir 2>&1');
print_r($output);

Trying it on one website in IIS gives the desired output. However, on another, it does not capture any output and instead give the below error:

PHP Warning:  shell_exec(): Unable to execute 'dir 2>&1' in C:\inetpub\webapp\script.php on line 4

The only information i could find on this error is from here:

With PHP on Windows, if you get the 'Warning: shell_exec() [function.shell-exec]: Unable to execute' error, then you need to check the permissions on file 'C:\WINDOWS\system32\cmd.exe'. You need read/execute permission on this file. I would recommend using the sysinternals Process Monitor 'procmon.exe' to confirm the user that is trying to run 'cmd.exe'. Filter on 'Process Name' is 'php-cgi.exe' and 'Path' ends with 'cmd.exe'. Look at the event properties for the task with the access denied error, and it will show you the 'Impersonating' user name. This is usually the 'Internet Guest Account', often 'NT AUTHORITY\IUSR'.

Yet this doesnt seem like a permissions issue. I cannot understand why its working through on website and not another. Anonymous Authentication for both websites are set to IUSR.

also, safe_mode in php.ini is set to off.

Is there anything else i need to check here? Does cmd.exe need explicit read/execute permissions for IUSR?


Solution

  • It turns out, for whatever reason, that IUSR was the problem. I cannot exactly know why, but changing Anonymous Authentication of the affected website to use another user it worked. So it is permissions related after all.