Php User.ini Disclosure

By kannthu

Medium
Vidoc Module
#exposure #config #files
Description

What is "Php User.ini Disclosure"?

The "Php User.ini Disclosure" module is designed to detect misconfigurations in the user.ini file of PHP applications. It targets PHP applications that use the user.ini file for configuration settings. This module has a medium severity level and was created by an unknown author.

Impact

This module can identify potential exposure of sensitive configuration files in PHP applications. If the user.ini file is misconfigured, it may expose critical information such as database credentials, API keys, or other sensitive data. Attackers can exploit this vulnerability to gain unauthorized access to the application or perform other malicious activities.

How does the module work?

The "Php User.ini Disclosure" module sends HTTP requests to specific paths, including "/user.ini" and "/.user.ini". It then applies matching conditions to determine if the user.ini file is exposed and potentially misconfigured.

The module uses two matching conditions:

    - Body Matcher: It checks the response body for specific keywords such as "assert", "highlight", "opcache", "mssql", "oci8", and "agent". If any of these keywords are found, it indicates a potential misconfiguration.
    - Status Matcher: It verifies that the HTTP response status is 200, indicating a successful request. If the status is different, the module does not consider it a match.

By combining these matching conditions, the module can identify PHP applications that have a user.ini file exposed and potentially misconfigured.
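The matching logic described above can be replayed offline to triage scanner hits on your own hosts. The following is an added example, not the Vidoc module's code: it applies the two conditions to constructed responses, using only the keywords visible on this page, and adds a hypothetical `looks_like_ini` shape check (an assumption, not part of the module) to separate real INI content from pages that merely contain a keyword.

```python
import re

# Paths and keywords as listed on this page (only the visible keywords are used).
PATHS = ("/user.ini", "/.user.ini")
KEYWORDS = ("assert", "highlight", "opcache", "mssql", "oci8", "agent")

# Assumption (not part of the module): a real user.ini is made of "directive = value" lines.
INI_LINE = re.compile(r"^\s*[A-Za-z_][\w.]*\s*=\s*\S.*$")


def module_match(status, body):
    """Conditions as the page describes them: status 200 AND any keyword in the body."""
    return status == 200 and any(k in body for k in KEYWORDS)


def looks_like_ini(body, min_ratio=0.8):
    """Added triage step: most non-blank, non-comment lines must be INI directives."""
    lines = [l for l in body.splitlines()
             if l.strip() and not l.lstrip().startswith((";", "#", "["))]
    if not lines:
        return False
    hits = sum(1 for l in lines if INI_LINE.match(l))
    return hits / len(lines) >= min_ratio


def triage(path, status, body):
    """Classify one captured response for one of the probed paths."""
    if path not in PATHS or not module_match(status, body):
        return "no-match"
    return "exposed-ini" if looks_like_ini(body) else "likely-false-positive"


# Constructed sample responses (path, status, body); not real scan data.
SAMPLES = [
    ("/.user.ini", 200, "; constructed\nopcache.enable = 1\nassert.active = 0\n"),
    ("/user.ini", 200, "<html><body><p>Contact an agent for help.</p></body></html>"),
    ("/user.ini", 404, "opcache.enable = 1\n"),
    ("/.user.ini", 200, "display_errors = Off\n"),  # exposed, but no listed keyword
]


def run_samples():
    return [triage(*s) for s in SAMPLES]


if __name__ == "__main__":
    for sample, verdict in zip(SAMPLES, run_samples()):
        print(sample[0], sample[1], verdict)
```

The second sample shows how a custom error page served with status 200 satisfies both conditions, and the fourth shows an exposed file that the visible keywords miss, so a clean result does not prove the file is unreachable.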

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /user.ini, /.user.ini
Matching conditions
word: assert, highlight, opcache, mssql, oci8,...
and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability