Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Php.ini File Disclosure

By kannthu

Low
Vidoc logoVidoc Module
#config#exposure#files
Description

What is the "Php.ini File Disclosure?"

The "Php.ini File Disclosure" module is designed to detect a misconfiguration in the PHP configuration file (php.ini) that may lead to the disclosure of sensitive information. This module targets websites that use PHP as their server-side scripting language.

The severity of this module is classified as low, indicating that the vulnerability it detects may have limited impact on the security of the website.

This module was authored by geeknik and DhiyaneshDK.

Impact

If the Php.ini File Disclosure vulnerability is present, an attacker may be able to access the php.ini file, which contains sensitive configuration information for the PHP installation. This could potentially expose details such as PHP settings, including short_open_tag, safe_mode, and expose_php.

By gaining access to this information, an attacker may be able to gather valuable insights about the PHP environment and potentially exploit any misconfigurations or weaknesses.

How the module works?

The "Php.ini File Disclosure" module works by sending a GET request to the "/php.ini" path on the target website. It then applies matching conditions to determine if the php.ini file is exposed and if specific keywords related to PHP configuration are present in the response body.

For example, the module checks for the presence of the following keywords in the response body: [PHP], short_open_tag, safe_mode, and expose_php. Additionally, it verifies that the HTTP response status code is 200, indicating a successful request.

If all the matching conditions are met, the module reports a vulnerability, indicating that the php.ini file is accessible and potentially exposing sensitive PHP configuration information.

Reference

https://www.php.net/manual/en/configuration.file.php

Metadata

verified: true

shodan-query: php.ini

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/php.ini
Matching conditions
word: [PHP], short_open_tag, safe_mode, expose...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability