Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

phpinfo Disclosure

By kannthu

Low
Vidoc logoVidoc Module
#config#exposure#phpinfo
Description

What is the "phpinfo Disclosure?"

The "phpinfo Disclosure" module is designed to detect the presence of a "PHP Info" page on a website. This page displays detailed information about the PHP environment, which can be useful for attackers to identify potential vulnerabilities or misconfigurations. The module targets websites that have a PHP Info page exposed, indicating a potential security risk. The severity of this module is classified as low.

Impact

If an attacker discovers a PHP Info page, they can gather valuable information about the PHP environment, including the PHP version, installed extensions, and server configuration. This information can aid attackers in identifying potential vulnerabilities or misconfigurations that can be exploited to gain unauthorized access or perform other malicious activities.

How the module works?

The "phpinfo Disclosure" module sends HTTP requests to various common paths where PHP Info pages are commonly found. It checks for the presence of specific keywords, such as "PHP Extension" and "PHP Version," in the response body. Additionally, it verifies that the HTTP response status is 200, indicating a successful request. If both conditions are met, the module flags the website as having a PHP Info page exposed.

Example HTTP request:

GET /php.php

The module uses the following matching conditions:

- The response body must contain the keywords "PHP Extension" and "PHP Version". - The HTTP response status must be 200.

By detecting the presence of a PHP Info page, the module helps website owners identify and secure potential vulnerabilities or misconfigurations in their PHP environment.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/php.php/phpinfo.php/info.php(+18 paths)
Matching conditions
word: PHP Extension, PHP Versionand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability