By kannthu
The "phpinfo Disclosure" module is designed to detect the presence of a "PHP Info" page on a website. This page displays detailed information about the PHP environment, which can be useful for attackers to identify potential vulnerabilities or misconfigurations. The module targets websites that have a PHP Info page exposed, indicating a potential security risk. The severity of this module is classified as low.
If an attacker discovers a PHP Info page, they can gather valuable information about the PHP environment, including the PHP version, installed extensions, and server configuration. This information can aid attackers in identifying potential vulnerabilities or misconfigurations that can be exploited to gain unauthorized access or perform other malicious activities.
The "phpinfo Disclosure" module sends HTTP requests to paths where PHP Info pages are commonly found. It checks the response body for the keywords "PHP Extension" and "PHP Version", and it verifies that the HTTP response status is 200, indicating a successful request. If both conditions are met, the module flags the website as having a PHP Info page exposed.
Example HTTP request:
GET /php.php
The module uses the following matching conditions:
- The response body must contain the keywords "PHP Extension" and "PHP Version".
- The HTTP response status must be 200.

By detecting the presence of a PHP Info page, the module helps website owners identify and secure potential vulnerabilities or misconfigurations in their PHP environment.
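The two matching conditions above can be reproduced as a self-audit of a site you operate. This is an added example, not the module's own code: the function names, the `example.test` host, the `/blog` and `/old.php` paths and the sample responses are constructed for illustration, and only `/php.php` and the two keywords come from the page.

```python
import re
import urllib.error
import urllib.request

KEYWORDS = ("PHP Extension", "PHP Version")  # both must appear in the body
VERSION_RE = re.compile(r"PHP Version\s+(\d+\.\d+\.\d+)")

def matches_phpinfo(status, body):
    """True only when the status is 200 AND every keyword is in the body."""
    return status == 200 and all(k in body for k in KEYWORDS)

def disclosed_version(body):
    """Return the PHP version string the page leaks, or None."""
    m = VERSION_RE.search(body)
    return m.group(1) if m else None

def http_fetch(url, timeout=5):
    """GET url and return (status, body); error statuses are returned, not raised."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as r:
            return r.status, r.read(1_000_000).decode("utf-8", "replace")
    except urllib.error.HTTPError as e:
        return e.code, e.read(1_000_000).decode("utf-8", "replace")
    except urllib.error.URLError:
        return 0, ""  # unreachable host: no match possible

def audit(base_url, paths=("/php.php",), fetch=http_fetch):
    """Check each path on your own site and list the ones that match."""
    findings = []
    for path in paths:
        status, body = fetch(base_url.rstrip("/") + path)
        if matches_phpinfo(status, body):
            findings.append({"path": path, "version": disclosed_version(body)})
    return findings

# Constructed sample responses so the example runs offline.
SAMPLE_PHPINFO = ('<h1 class="p">PHP Version 8.1.2</h1>'
                  '<tr><td class="e">PHP Extension </td><td class="v">20210902 </td></tr>')
SAMPLE_PAGES = {
    "https://example.test/php.php": (200, SAMPLE_PHPINFO),   # exposed page
    "https://example.test/blog": (200, "<p>Upgrade your PHP Version today</p>"),  # one keyword only
    "https://example.test/old.php": (404, SAMPLE_PHPINFO),   # both keywords, wrong status
}

def fake_fetch(url):
    return SAMPLE_PAGES.get(url, (404, ""))

if __name__ == "__main__":
    print(audit("https://example.test", ("/php.php", "/blog", "/old.php"), fake_fetch))
```

Only `/php.php` is reported: the `/blog` response carries one keyword and the `/old.php` response is not a 200, so neither satisfies both conditions.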