How to capture and feed telnet using php and shell scripting?

Question

This is what i want to accomplish using php (possibly using exce()?):

1. telnet to a whois registrar using a program called proxychains:

   proxyc

Answer 1

Here is a basic working example.

 array("pipe", "r"),  // stdin is a pipe that the child will read from
        1 => array("pipe", "w"),  // stdout is a pipe that the child will write to
        2 => array("file", "/tmp/error-output.txt", "a") // stderr is a file to write to
);

// process output goes here
$output  = '';

// store return value on failure
$return_value = null;

// open the process
$process = proc_open($command, $descriptorspec, $pipes, $cwd, $env);

if (is_resource($process)) {
    echo "Opened process...\n";

    $readBuf = '';

    // infinite loop until process returns
    for(;;) {
        usleep(100000); // dont consume too many resources

        // TODO: implement a timeout

        $stat = proc_get_status($process); // get info on process

        if ($stat['running']) { // still running
            $read = fread($pipes[1], 4096);
            if ($read) {
                $readBuf .= $read;
            }

            // read output to determine if telnet connected successfully
            if (strpos($readBuf, "Connected to $whois") !== false) {
                // write our query to process and append newline to initiate
                fwrite($pipes[0], $data . "\n");

                // read the output of the process
                $output = stream_get_contents($pipes[1]);
                break;
            }
        } else {
            // process finished before we could do anything
            $output       = stream_get_contents($pipes[1]); // get output of command
            $return_value = $stat['exitcode']; // set exit code
            break;
        }
    }

    echo "Execution completed.\n";

    if ($return_value != null) {
        var_dump($return_value, file_get_contents($errFile));
    } else {
        var_dump($output);
    }

    // close pipes
    fclose($pipes[1]);
    fclose($pipes[0]);

    // close process
    proc_close($process);
} else {
    echo 'Failed to open process.';
}

This is meant to be run from the command line, but it doesn't have to be. I tried to comment it fairly well. Basically at the beginning you can set the whois server, and the domain to query.

The script uses proc_open to open a proxychains process that calls telnet. It checks to see if the process was opened successfully, and if so check that its status is running. While its running, it reads the output from telnet into a buffer and looks for the string telnet outputs to indicate we are connected.

Once it detects telnet connected, it writes the data to the process followed by a newline (\n) and then reads the data from the pipe where the telnet data goes. Once that happens it breaks out of the loop and closes the process and handles.

You can view the output from proxychains from the file specified by $errFile. This contains the connection information as well as debug information in the event of a connection failure.

There is probably some additional error checking or process management that may need to be done to make it more robust, but if you put this into a function you should be able to easily call it and check the return value to see if the query was successful.

Hope that gives you a good starting point.

Also check out this answer of mine for another working example of proc_open, this example implements a timeout check so you can bail if the command hasn't completed in a certain amount of time: Creating a PHP Online Grading System on Linux: exec Behavior, Process IDs, and grep