author | (╯°□°)╯︵ uᴉǝssnH ɐɟɐʇsoW <mostafa.hussein91@gmail.com> | 2017-06-14 15:06:51 +0300 |
---|---|---|
committer | Michael Boelen <michael.boelen@cisofy.com> | 2017-06-14 15:06:51 +0300 |
commit | 4cbe8f32c6e9c0862354fedf28e192035211f070 (patch) | |
tree | f4c796141d6e6cfd4dc75c98688a9fec13c5e96a /include/tests_php | |
parent | 9dc4efefd6acd5fb7a7b14adde026531e48df4a0 (diff) |
add suhosin status test (#401)
* add suhosin status test
* get matched line only
Diffstat (limited to 'include/tests_php')
-rw-r--r-- | include/tests_php | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/include/tests_php b/include/tests_php
index 4a14a0c5..760682a7 100644
--- a/include/tests_php
+++ b/include/tests_php
@@ -276,6 +276,39 @@
 #
 #################################################################################
 #
+ # Test : PHP-2379
+ # Description : Check PHP suhosin extension status
+ if [ ! -z "${PHPINIFILE}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
+ Register --test-no PHP-2379 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check PHP suhosin extension status"
+ if [ ${SKIPTEST} -eq 0 ]; then
+ FOUND=0
+ for I in ${PHPINI_ALLFILES}; do
+ LogText "Test: Checking for PHP suhosin extension status in file ${I}"
+ FIND=$(${GREPBINARY} -oP '^extension=.*?suhosin.so.*$' ${I})
+ if [ -z "${FIND}" ]; then
+ LogText "Result: ${I}: suhosin is not enabled"
+ else
+ LogText "Result: ${I}: suhosin is enabled"
+ FOUND=1
+ fi
+ done
+
+ if [ ${FOUND} -eq 0 ]; then
+ LogText "Result: Suhosin extension is not enabled"
+ Display --indent 4 --text "- Checking PHP disabled functions" --result "${STATUS_NONE}" --color RED
+ ReportSuggestion ${TEST_NO} "Harden PHP by enabling suhosin extension"
+ LogText "suhosin extension is not enabled"
+ AddHP 0 1
+
+ else
+ LogText "Result: suhosin extension is enabled"
+ Display --indent 4 --text "- Checking PHP suhosin extension status" --result "${STATUS_FOUND}" --color GREEN
+ AddHP 2 2
+ fi
+ fi
+#
+#################################################################################
+#
 WaitForKeyPress |
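Review bot: The failure branch prints the wrong label: `Display --indent 4 --text "- Checking PHP disabled functions"` looks copied from another test, so a missing suhosin is shown on screen under an unrelated check; it should read `--text "- Checking PHP suhosin extension status"` like the success branch. The detection itself relies on `${GREPBINARY} -oP`, and PCRE mode is a GNU grep feature, so on systems whose grep lacks `-P` the command fails, FIND stays empty and the test reports suhosin as not enabled even when it is loaded. A portable form such as `FIND=$(${GREPBINARY} -E '^[[:space:]]*extension[[:space:]]*=.*suhosin\.so' "${I}")` would also accept whitespace around `=`, escape the dot and quote the file path. The prerequisite checks `PHPINIFILE` while the loop reads `PHPINI_ALLFILES`; whether both are always set together is not visible in this hunk.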