I made a shell script that detects network interfagces then for each interface it detects the IP address, mask, broadcast address, then it makes a ping to all IP addresses for this network interface.

The script has execute permissions. Normally, the script will save the list of network interfaces (eth0 eth1 wlan0) in a file called "resultat" but when I run this script from a web page with php's shell_exec command (echo 'password for www-data user' | / usr/lib/cgi-bin/sudo -S global.sh bin/bash/") no output is generated.

If I run the same script as user www-data in the terminal, the result file is correctly populated.

The script:

  #!/bin/bash
  #####   paramères relatives au connexion à la base de données
  HOST_BDD="localhost"
  LOGIN="root"
  PASSWD="password"
  NOM_BDD="dbnessus"
  ##### ces requettes pour vider les tables avant de faire la detection
  vider2="TRUNCATE machine_connecte"
  echo $vider2 | /usr/bin/mysql -h $HOST_BDD 
  -u $LOGIN -p$PASSWD -s $NOM_BDD

  vider1="TRUNCATE interfaces"
  echo $vider1 | /usr/bin/mysql -h $HOST_BDD 
  -u $LOGIN -p$PASSWD -s $NOM_BDD

  initialise="ALTER TABLE machine_connecte AUTO_INCREMENT=0"
  echo $initialise | /usr/bin/mysql -h $HOST_BDD 
  -u $LOGIN -p$PASSWD -s $NOM_BDD
  #######################################################

  /usr/lib/cgi-bin/get_interface.sh > /usr/lib/cgi-bin/liste_interfaces
  while read line; 
  do 

  ip=$(/usr/lib/cgi-bin/get_ip.sh $line)
  mask=$(/usr/lib/cgi-bin/get_netmask.sh $line)
  bcast=$(/usr/lib/cgi-bin/get_bcast.sh $line)


  ###fonction is_alive_ping
  is_alive_ping()
  {
    ping -i 100 -c 1 $1 > /dev/null 2> /dev/null
   [ $? -eq 0 ] && echo  $i >>/usr/lib/cgi-bin/resultat
  }
  cat /dev/null >/usr/lib/cgi-bin/resultat;
  #########


  ###division des octet d'adresse de broadcst
  if [ "$ip" != "" ]
  then
  i1="$(echo $bcast |cut -d"." -f1)"
  i2="$(echo $bcast |cut -d"." -f2)"
  i3="$(echo $bcast |cut -d"." -f3)"
  i4="$(echo $bcast |cut -d"." -f4)"
  fi
  ###  { HostID / NetworkID } / classe du réseau

  ##################### A.255.255.255 Classe A
  if [ "$i2" == "255" ]
  then
for i in "$i1".{1..254}.{1..254}.{1..254}
do
is_alive_ping $i & disown
done
  fi
  ##################### A.B.255.255 Classe B
  if [ "$i2" != "255" ] && [ "$i3" == "255" ]
  then
for i in "$i1.$i2".{1..254}.{1..254} 
do
is_alive_ping $i & disown
done
  fi
  ##################### A.B.C.255 Classe C
  if [ "$i2" != "255" ] && [ "$i3" != "255" ]&& [ "$i4" == "255" ]
  then
for i in "$i1.$i2.$i3".{1..254} 
do
is_alive_ping $i & disown
    done
  fi
  ################
while read ip_up; 
do 
hostname=$(/usr/bin/resolveip -s $ip_up 2>/dev/null)
if [ "$hostname" == "" ]
then
hostname="*"
fi
mac=$(/usr/sbin/arp -a $ip_up |cut -d" " -f4)
if [ "$ip_up" == "$ip" ] 
then
mac=$(/sbin/ifconfig $line |grep 'HWaddr'|grep -v '127.0.0.1'|awk '{ print $5}')
fi
OS=$( /usr/bin/nmap -A $ip_up |grep "Service Info:" |awk '{print $4,$5}' )
if [ "$OS" == "Unix, Linux" ] || [ "$OS" == "Linux" ]
then
OS="Linux"
elif [ "$OS" == "Windows " ]
then 
OS="Windows"
else
OS="*"
fi
 #sql1="INSERT INTO  dbnessus.interfaces (nom_interface)VALUES ('$line');"
 sql1="INSERT IGNORE INTO  dbnessus.interfaces (nom_interface)VALUES ('$line');"
 sql2="INSERT INTO  dbnessus.machine_connecte (idmachine ,ip_mach ,mask_mach,
 nom_mach,mac_mach ,os_mach ,interfaces_nom_interface)VALUES ( NULL,  '$ip_up',
 '$mask', '$hostname', '$mac',  '$OS',  '$line');"


 echo $sql1 | /usr/bin/mysql -h $HOST_BDD -u $LOGIN -p$PASSWD -s $NOM_BDD
 echo $sql2 | /usr/bin/mysql -h $HOST_BDD -u $LOGIN -p$PASSWD -s $NOM_BDD




    done < /usr/lib/cgi-bin/resultat
  ip=""
  done < /usr/lib/cgi-bin/liste_interfaces
  echo "cbon"

Several ideas:

1. Check if shell_exec is in php.ini's disabled_functions (php.ini: disabled_functions)
2. make sure PHP is not running in safe mode (php.ini: safe_mode)
3. make sure php-fpm process (if using php-fpm) or https (if using apxs) works under sufficient privilege (to run the shell script and execute these commands in script) (in this case you can su to that user and see if you can run it from bash)

Sorry I am unable to think of more so far...