69 lines
1.8 KiB
YAML
69 lines
1.8 KiB
YAML
id: phpinfo-files
|
|
|
|
info:
|
|
name: PHPinfo Page - Detect
|
|
author: pdteam,daffainfo,meme-lord,dhiyaneshDK,wabafet,mastercho
|
|
severity: low
|
|
description: |
|
|
PHPinfo page was detected. The output of the phpinfo() command can reveal sensitive and detailed PHP environment information.
|
|
remediation: Remove PHP Info pages from publicly accessible sites, or restrict access to authorized users only.
|
|
classification:
|
|
cwe-id: CWE-200
|
|
metadata:
|
|
max-request: 25
|
|
tags: config,exposure,phpinfo
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}{{paths}}"
|
|
payloads:
|
|
paths:
|
|
- "/php.php"
|
|
- "/php2.php"
|
|
- "/phpinfo.php"
|
|
- "/info.php"
|
|
- "/infophp.php"
|
|
- "/php_info.php"
|
|
- "/test.php"
|
|
- "/i.php"
|
|
- "/p.php"
|
|
- "/pi.php"
|
|
- "/asdf.php"
|
|
- "/pinfo.php"
|
|
- "/phpversion.php"
|
|
- "/time.php"
|
|
- "/index.php"
|
|
- "/temp.php"
|
|
- "/old_phpinfo.php"
|
|
- "/infos.php"
|
|
- "/linusadmin-phpinfo.php"
|
|
- "/php-info.php"
|
|
- "/dashboard/phpinfo.php"
|
|
- "/_profiler/phpinfo.php"
|
|
- "/_profiler/phpinfo"
|
|
- "/?phpinfo=1"
|
|
- "/l.php?act=phpinfo"
|
|
|
|
stop-at-first-match: true
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
part: body
|
|
words:
|
|
- "PHP Extension"
|
|
- "PHP Version"
|
|
condition: and
|
|
|
|
- type: status
|
|
status:
|
|
- 200
|
|
|
|
extractors:
|
|
- type: regex
|
|
part: body
|
|
group: 1
|
|
regex:
|
|
- '>PHP Version <\/td><td class="v">([0-9.]+)'
|
|
# digest: 4a0a0047304502210099232841cdc5c231ae3d676d8a93bdf005460495483757f8fc3716bc033b481a02202dacf40e940a66680b41af4802eb37a6e470d949904241b26612ba281013e422:922c64590222798bb761d5b6d8e72950 |