[PHP-2372] test all PHP files for expose_php and improved logging

2018-08-23 12:23:48 +02:00 · 2018-08-23 12:23:48 +02:00 · 4df28ca659
parent afaae50989
commit 4df28ca659
1 changed files with 18 additions and 10 deletions
--- a/include/tests_php
+++ b/include/tests_php
@ -223,25 +223,33 @@
 #################################################################################
 #
    # Test        : PHP-2372
-    # Description : Check php expose_php option
-    # Notes       : Extend test to check all PHP files YYY
-    if [ ! -z "${PHPINIFILE}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
+    # Description : Check PHP expose_php option
+    # Background  : When this option is turned on, PHP will show its version number in the HTTP headers
+    # Notes       : TODO - Extend test to check all PHP files
+    if [ ! -z "${PHPINI_ALLFILES}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
    Register --test-no PHP-2372 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check PHP expose_php option"
    if [ ${SKIPTEST} -eq 0 ]; then
-        LogText "Test: Checking expose_php option"
-        FIND=$(${EGREPBINARY} -i 'expose_php.*(off|no|0)' ${PHPINIFILE} | ${GREPBINARY} -v '^;')
-        if [ -z "${FIND}" ]; then
+        FOUND=0
+        for FILE in ${PHPINI_ALLFILES}; do
+            LogText "Test: Checking file ${FILE}"
+            FIND=$(${EGREPBINARY} -i 'expose_php.*(on|yes|1)' ${FILE} | ${GREPBINARY} -v '^;')
+            if HasData "${FIND}"; then
+                LogText "Result: found a a possible match on expose_php setting"
+                LogText "Data: ${FIND}"
+                FOUND=1
+            fi
+        done
+
+        if [ ${FOUND} -eq 1 ]; then
            Display --indent 4 --text "- Checking expose_php option" --result "${STATUS_ON}" --color RED
-            ReportWarning ${TEST_NO} "PHP option expose_php is possibly turned on, which can reveal useful information for attackers."
-            ReportSuggestion ${TEST_NO} "Change the expose_php line to: expose_php = Off"
+            ReportSuggestion ${TEST_NO} "Turn off PHP information exposure" "expose_php = Off" "-"
            Report "Result: expose_php option is turned on, which can expose useful information for an attacker"
-            AddHP 1 2
+            AddHP 1 3
        else
            Display --indent 4 --text "- Checking expose_php option" --result "${STATUS_OFF}" --color GREEN
            LogText "Result: Found 'expose_php' in disabled state (0, no, or off)"
            AddHP 2 2
        fi
-        # TODO Check through all files
    fi
 #
 #################################################################################