Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "PHP source disclosure through backup files" module is designed to detect the presence of backup files that may contain sensitive PHP source code. It targets websites or applications that use PHP as their programming language. This module helps identify potential security vulnerabilities that could lead to the exposure of sensitive information.
This module is created by an unknown author.
If backup files containing PHP source code are accessible to unauthorized users, it can lead to the disclosure of sensitive information, such as database credentials, API keys, or other sensitive data. This can potentially be exploited by attackers to gain unauthorized access to the system or perform other malicious activities.
The "PHP source disclosure through backup files" module works by sending HTTP requests to specific file paths commonly used for storing configuration files in PHP-based applications. It uses a technique called "clusterbomb" to test multiple file extensions and filenames for potential backup files.
For example, it may send a GET request to the following path: /wp-config.php~
The module then analyzes the response from the server and applies matching conditions to determine if the file contains PHP source code. It checks for specific keywords, such as "
If any of these conditions are met, the module will report a vulnerability, indicating that backup files containing PHP source code are accessible and may pose a security risk.