WAMP Xdebug - Detect

By kannthu

Informative
Vidoc Module
#debug #config #wamp
Description

What is "WAMP Xdebug - Detect"?

The "WAMP Xdebug - Detect" module is designed to detect the presence of the WAMP Xdebug software and identify any misconfigurations. Xdebug is a powerful debugging and profiling tool for PHP. This module focuses on detecting misconfigurations related to the "xdebug.remote_connect_back" setting.

This module has an informative severity level, meaning it provides valuable information about the configuration but does not indicate a vulnerability or exploit.

This module was authored by e_schultze_.

Impact

The impact of this module is purely informative. It helps identify whether the "xdebug.remote_connect_back" setting is enabled, which can be useful for troubleshooting and ensuring proper configuration of the WAMP Xdebug software.

How does the module work?

The "WAMP Xdebug - Detect" module works by sending an HTTP GET request to the target with the path "/?phpinfo=-1". It then checks the response body for the "xdebug.remote_connect_back" row of the phpinfo output with both of its value cells set to "On". If this string is found, it indicates that the "xdebug.remote_connect_back" setting is enabled.

Matching conditions:

- Part: Body
  Type: Word
  Words: xdebug.remote_connect_back</td><td class="v">On</td><td class="v">On</td>
  Negative: false
  Condition: and

This condition ensures that the response body contains the specific string indicating the enabled "xdebug.remote_connect_back" setting.
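As an added example (not the module's own code), the following Python applies the literal word from the matching conditions to constructed phpinfo-style rows and, going one step beyond the module, parses the two value cells separately so that someone auditing their own server can see states the single word match does not report. The function names, the classification labels and the sample HTML are assumptions made for illustration.

```python
import re

# Literal word from the module's "Matching conditions" section.
MATCH_WORD = 'xdebug.remote_connect_back</td><td class="v">On</td><td class="v">On</td>'

# Directive name followed by two value cells (assumed order: local, then master).
ROW_RE = re.compile(
    r'xdebug\.remote_connect_back\s*</td>'
    r'\s*<td class="v">\s*(.*?)\s*</td>'
    r'\s*<td class="v">\s*(.*?)\s*</td>',
    re.IGNORECASE | re.DOTALL,
)

def module_would_match(body: str) -> bool:
    """Reproduce the module's single word matcher on a response body."""
    return MATCH_WORD in body

def connect_back_values(body: str):
    """Return the directive's two cell values as a tuple, or None if absent."""
    m = ROW_RE.search(body)
    return (m.group(1), m.group(2)) if m else None

def audit(body: str) -> str:
    """Classify a phpinfo page: 'absent', 'disabled', 'enabled' or 'mixed'."""
    values = connect_back_values(body)
    if values is None:
        return "absent"
    states = {v.lower() == "on" for v in values}
    if states == {True}:
        return "enabled"
    return "mixed" if True in states else "disabled"

def _row(local: str, master: str) -> str:
    # Constructed sample row, shaped like the fragment in the matcher.
    return ('<tr><td class="e">xdebug.remote_connect_back</td>'
            f'<td class="v">{local}</td><td class="v">{master}</td></tr>')

SAMPLES = {  # constructed response bodies, not captured from a real host
    "both_on": _row("On", "On"),
    "local_off": _row("Off", "On"),
    "both_off": _row("Off", "Off"),
    "no_xdebug": '<tr><td class="e">display_errors</td></tr>',
}

if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(name, module_would_match(body), audit(body))
```

The "local_off" sample shows why the literal match is strict: the directive name is present and one cell reads "On", yet the module's word does not occur, so only the parsed view flags it.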

For more information, you can refer to the GitHub repository associated with this module.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /?phpinfo=-1
Matching conditions
word: xdebug.remote_connect_back</td><td class...
Passive global matcher
No matching conditions.
On match action
Report vulnerability