Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "WAMP Xdebug - Detect" module is designed to detect the presence of the WAMP Xdebug software and identify any misconfigurations. Xdebug is a powerful debugging and profiling tool for PHP. This module focuses on detecting misconfigurations related to the "xdebug.remote_connect_back" setting.
This module has an informative severity level, meaning it provides valuable information about the configuration but does not indicate a vulnerability or exploit.
This module was authored by e_schultze_.
The impact of this module is purely informative. It helps identify whether the "xdebug.remote_connect_back" setting is enabled, which can be useful for troubleshooting and ensuring proper configuration of the WAMP Xdebug software.
The "WAMP Xdebug - Detect" module works by sending an HTTP GET request to the target with the path "/?phpinfo=-1". It then checks the response body for the presence of the string "xdebug.remote_connect_back". If this string is found, it indicates that the "xdebug.remote_connect_back" setting is enabled.
Matching conditions:
- Part: Body
Type: Word
Words: xdebug.remote_connect_back</td><td class="v">On</td><td class="v">On</td>
Negative: false
Condition: and
This condition ensures that the response body contains the specific string indicating the enabled "xdebug.remote_connect_back" setting.
For more information, you can refer to the GitHub repository associated with this module.