3

This question is related to: Using "runas" command for a program that writes a file (Windows Server 2008)

I tried to run the runas command from PHP to run that console program:

<?php
exec("runas /savecred /user:User1 writeTxt.exe");
?>

But it doesn't work when called from a browser. However, it works by running it in PHP interactive mode (php -a). Is there anything that must be set in the browser for this?

Community
  • 1
  • 1
ArthurN
  • 179
  • 5
  • 15
  • Try `phpinfo();` and search for the safe_mode directive(s). Is safe_mode active? – TheWolf Sep 25 '13 at 11:03
  • Is it `sql.safe_mode`? If yes, it's already off. However, it's already removed since PHP 5.4.0 (my version is 5.4.19): [PHP:Safe Mode - Manual](http://php.net/manual/en/features.safe-mode.php) – ArthurN Sep 25 '13 at 11:09
  • It should be simply `safe_mode`. Edit: Sorry, forgot Safe Mode has been removed. Never mind. – TheWolf Sep 25 '13 at 11:12
  • A related question is this: [exec - Running command-line application from PHP as specific user - Stack Overflow](http://stackoverflow.com/questions/6913403/running-command-line-application-from-php-as-specific-user). How to do this in Windows? – ArthurN Sep 25 '13 at 11:27
  • I suspect `runas` doesn't work in PHP run on a browser since the command (`runas.exe`) is inside the `Windows\system32` directory. A question: does the internet user account in Windows (`IUSR`) have a read & execute permission for the `system32` folder? Does anybody know about this? – ArthurN Sep 25 '13 at 11:53
  • I did found a some way http://stackoverflow.com/questions/21666449/how-to-run-executable-from-php-website-as-a-specific-windows-user – Slava Feb 11 '14 at 01:23

1 Answers1

0

If I call runas without the /savecred parameter using exec() in PHP (from a browser), the program writeTxt.exe doesn't produce any result. It seems that there's no mechanism for the browser to ask the user's password for runas.

In the PHP interactive mode, once the user's password has been supplied for runas, the usage of /savecred will cause the program to be executed directly without asking for password. Obviously, the PHP interactive mode is a different session from the browser's PHP. Since the browser doesn't have a mechanism to ask for user's password for runas, /savecred is apparently useless for the browser session.

Regarding my comment about the IUSR permission for system32 folder, I've tested it using this code:

<?php
exec("whoami");            // whoami.exe is in the system32 folder
?>

The browser will display IUSR. So IUSR has a read & execute access to the system32 folder.

ArthurN
  • 179
  • 5
  • 15
  • So did you find a solution? Please share if you did. – Slava Feb 09 '14 at 18:15
  • Sorry, I haven't worked on this for quite a long time. Actually this question was "born" because I want to run Microsoft Speech SDK console application using PHP: [Running Windows Speech SDK Application in PHP](http://stackoverflow.com/questions/18956680/running-windows-speech-sdk-application-in-php). – ArthurN Feb 10 '14 at 16:47