如何实现使用cgi自动添加用户? 只要你的WEB SERVER执行权限是root(不过这样web server就不安全了)或者能su成ROOT 解决方案 » 免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货 如果用root去运行apache的话,用户在它的CGI里来一句rm -fr /你不就挂了??特别是在个人主页比较多的情况下,岂不被人骂死? 问题基本解决了!写一个程序使它可以setuid(0),然后对用户的密码进行加密,再将这个串写到/etc/shadow就可以了。:)以前是不知道shadow是怎么加密的,现在看来。哎。#define _XOPEN_SOURCE#include <stdio.h>#include <unistd.h>int main(int argc, char **argv){ char *pwd; FILE *pwdf; printf("%s\n",pwd); if (setuid(0)==-1) { printf("Can not setuid. Exit."); exit(-1); } if (fopen("/etc/shadow","a+")==NULL) { printf("Open password file failed!"); exit(-1); } pwd = crypt(argv[1],"$1$12"); //再将它放到/etc/shadow里面就可以了。} 以下是完整的源程序,在mandranke7.0下已经用过了。编译时:gcc add.c -lcrypt就可以了。#define _XOPEN_SOURCE#include <stdio.h>#include <pwd.h>#include <unistd.h>int main(int argc, char **argv){ char *pwd, line[256], sline[256], cmd[256]; FILE *uidf, *passwdf, *shadowf; int i, uid; if (setuid(0)==-1) { printf("Can not setuid. Exit."); exit(-1); } pwd=crypt(argv[2],"$1$12"); for (i=0;i<256;i++) { line[i]=0; sline[i]=0; } uid=500; do { uid++; }while(getpwuid(uid)!=NULL); snprintf(line,256,"%s:x:%d:800::/home/web/./%s:/usr/bin/passwd\n",argv[1],uid,argv[1]); snprintf(sline,256,"%s:%s:11128:0:99999:7:-1:-1:2858172\n",argv[1],pwd); if ((passwdf=fopen("/etc/passwd","a+"))==NULL) { printf("Open passd file failed!"); exit(-1); } if ((shadowf=fopen("/etc/shadow","a+"))==NULL) { printf("Open shadow file failed!"); exit(-1); } fputs(line,passwdf); fputs(sline,shadowf); if (fclose(passwdf)==EOF) { printf("Close password file failed!"); exit(-1); } if (fclose(shadowf)==EOF) { printf("Close shadow password file failed!"); exit(-1); } // the following is adding the user's home directory. snprintf(cmd,256,"/bin/mkdir /home/web/%s",argv[1]); system(cmd); snprintf(cmd,256,"/bin/chmod a+rx /home/web/%s",argv[1]); system(cmd); snprintf(cmd,256,"/bin/chown %s.webgroup /home/web/%s",argv[1],argv[1]); system(cmd); return 0;} 关于PHP伪静态的探讨 网页如何从wordpress调用文章更新板块,专业人员请进 [分享]php中的引用传值分析 PHP5连接MSSQL2000 一个关于时间控件的问题! PHP老问题 php可以操作word文档吗 [分享|讨论]我有一个好想法,不晓得这会不会只是一个天才的想法,而没有实现的可能性。 刚刚学习PHP的人,请教的一个问题.! web开发都用到些什么技术? 好像就是处理处理数据库。。。 ASP2PHP如何使用?请高手告知! 请教:在Win98下,Apache如何加入php3功能如何配置
特别是在个人主页比较多的情况下,岂不被人骂死?
写一个程序使它可以setuid(0),然后对用户的密码进行加密,再将这个串
写到/etc/shadow就可以了。
:)
以前是不知道shadow是怎么加密的,现在看来。哎。
#define _XOPEN_SOURCE
#include <stdio.h>
#include <unistd.h>
int main(int argc, char **argv)
{
char *pwd;
FILE *pwdf;
printf("%s\n",pwd);
if (setuid(0)==-1)
{
printf("Can not setuid. Exit.");
exit(-1);
}
if (fopen("/etc/shadow","a+")==NULL)
{
printf("Open password file failed!");
exit(-1);
}
pwd = crypt(argv[1],"$1$12");
//再将它放到/etc/shadow里面就可以了。
}
编译时:gcc add.c -lcrypt就可以了。
#define _XOPEN_SOURCE
#include <stdio.h>
#include <pwd.h>
#include <unistd.h>
int main(int argc, char **argv)
{
char *pwd, line[256], sline[256], cmd[256];
FILE *uidf, *passwdf, *shadowf;
int i, uid;
if (setuid(0)==-1)
{
printf("Can not setuid. Exit.");
exit(-1);
}
pwd=crypt(argv[2],"$1$12");
for (i=0;i<256;i++)
{
line[i]=0;
sline[i]=0;
}
uid=500;
do
{
uid++;
}while(getpwuid(uid)!=NULL);
snprintf(line,256,"%s:x:%d:800::/home/web/./%s:/usr/bin/passwd\n",argv[1],uid,argv[1]);
snprintf(sline,256,"%s:%s:11128:0:99999:7:-1:-1:2858172\n",argv[1],pwd);
if ((passwdf=fopen("/etc/passwd","a+"))==NULL)
{
printf("Open passd file failed!");
exit(-1);
}
if ((shadowf=fopen("/etc/shadow","a+"))==NULL)
{
printf("Open shadow file failed!");
exit(-1);
}
fputs(line,passwdf);
fputs(sline,shadowf);
if (fclose(passwdf)==EOF)
{
printf("Close password file failed!");
exit(-1);
}
if (fclose(shadowf)==EOF)
{
printf("Close shadow password file failed!");
exit(-1);
}
// the following is adding the user's home directory.
snprintf(cmd,256,"/bin/mkdir /home/web/%s",argv[1]);
system(cmd);
snprintf(cmd,256,"/bin/chmod a+rx /home/web/%s",argv[1]);
system(cmd);
snprintf(cmd,256,"/bin/chown %s.webgroup /home/web/%s",argv[1],argv[1]);
system(cmd);
return 0;
}