38 lines
930 B
YAML
38 lines
930 B
YAML
id: php-ini
|
|
|
|
info:
|
|
name: Php.ini File Disclosure
|
|
author: geeknik,DhiyaneshDK
|
|
severity: low
|
|
description: php.ini file is exposed.
|
|
reference: https://www.php.net/manual/en/configuration.file.php
|
|
classification:
|
|
cpe: cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
|
|
metadata:
|
|
verified: true
|
|
max-request: 1
|
|
vendor: php
|
|
product: php
|
|
shodan-query: php.ini
|
|
tags: config,exposure,files
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/php.ini"
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
part: body
|
|
words:
|
|
- "[PHP]"
|
|
- "short_open_tag"
|
|
- "safe_mode"
|
|
- "expose_php"
|
|
condition: and
|
|
|
|
- type: status
|
|
status:
|
|
- 200
|
|
# digest: 4a0a0047304502204ddeb91cd3d000048cf359bdb0fe9e0e7b1d77c7325c10ce2f2745c56b7d3d27022100a2257c039ab429d268a774a1753ea7a9c67b8a0cd6a9d22cafefe8401bf101aa:922c64590222798bb761d5b6d8e72950 |