๐ U.S. Dept Of Defense: Unauthenticated phpinfo()files could lead to ability file read at โโโโโโโโโ [HtUS]
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: vulners.com
Description: Many PHP installation tutorials instruct the user to create a PHP file that calls the PHP function 'phpinfo()' for debugging purposes, and various PHP applications may also include such a file by default. By accessing it, a remote attacker can discover a large amount of information about the remote web server configuration to help conduct further attacks, including : * root/vps of the web server, operating system and PHP components * Details of the PHP configuration * Loaded PHP extensions with their configurations * Server environment variables. Proof On Concepts: https://โโโโโโโ/info.php Linux โโโโโโโ 3.10.0-1160.80.1.el7.x86_64 #1 SMP Sat Oct 8 18:13:21 UTC 2022 x86_64 Impact The remote web server contains a PHP script that is prone to an information disclosure attack. System Host(s) โโโ Affected Product(s) and Version(s) https://โโโโโโโ/info.php CVE Numbers Steps to Reproduce Visit the target scope is https://โโโโโโโโโโ You can used burp-suite-intruder for finding sensitive directory And now we found a directory is info.php Let's see opened in our browser is directory https://โโโโโโโโ/info.php You can see this page can be view without authenticate Suggested Mitigation/Remediation Actions Remove the affected file(s).... ...