diff options
| author | Michael Boelen <michael.boelen@cisofy.com> | 2016-08-25 16:31:33 +0300 |
|---|---|---|
| committer | Michael Boelen <michael.boelen@cisofy.com> | 2016-08-25 16:31:33 +0300 |
| commit | 679e8c628e2a42df13bec79da256b1bf7b68d6b3 (patch) | |
| tree | d58b1567c5e9e0f28e1accf9421eb0bf786a1c48 /include/tests_php | |
| parent | a6b04a3ace0385bb0c912cbbf48a14d59be7f88a (diff) | |
Use detected binaries
Diffstat (limited to 'include/tests_php')
| -rw-r--r-- | include/tests_php | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/include/tests_php b/include/tests_php index bdba203c..7e6c548b 100644 --- a/include/tests_php +++ b/include/tests_php @@ -99,7 +99,7 @@ FOUND=0 for I in ${PHPINI_ALLFILES}; do LogText "Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file ${I}" - FIND=`grep "^disable_functions.*=" ${I}` + FIND=`${GREPBINARY} "^disable_functions.*=" ${I}` if [ "${FIND}" = "" ]; then LogText "Result: ${I}: disabled_functions not found" else @@ -107,7 +107,7 @@ FOUND=1 fi - FIND=`grep "^suhosin.executor.func.blacklist=" ${I}` + FIND=`${GREPBINARY} "^suhosin.executor.func.blacklist=" ${I}` if [ "${FIND}" = "" ]; then LogText "Result: ${I}: suhosin.executor.func.blacklist not found" else @@ -153,7 +153,7 @@ Register --test-no PHP-2368 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check PHP register_globals option" if [ ${SKIPTEST} -eq 0 ]; then LogText "Test: Checking PHP register_globals option" - FIND=`egrep -i 'register_globals.*(on|yes|1)' ${PHPINIFILE} | grep -v '^;'` + FIND=`${EGREPBINARY} -i 'register_globals.*(on|yes|1)' ${PHPINIFILE} | ${GREPBINARY} -v '^;'` if [ ! "${FIND}" = "" ]; then Display --indent 4 --text "- Checking register_globals option" --result "${STATUS_WARNING}" --color RED ReportWarning ${TEST_NO} "PHP option register_globals option is turned on, which can be a risk for variable value overwriting" @@ -177,7 +177,7 @@ Register --test-no PHP-2372 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check PHP expose_php option" if [ ${SKIPTEST} -eq 0 ]; then LogText "Test: Checking expose_php option" - FIND=`egrep -i 'expose_php.*(off|no|0)' ${PHPINIFILE} | grep -v '^;'` + FIND=`${EGREPBINARY} -i 'expose_php.*(off|no|0)' ${PHPINIFILE} | ${GREPBINARY} -v '^;'` if [ "${FIND}" = "" ]; then Display --indent 4 --text "- Checking expose_php option" --result "${STATUS_ON}" --color RED ReportWarning ${TEST_NO} "PHP option expose_php is possibly turned on, which can reveal useful information for attackers." @@ -201,7 +201,7 @@ Register --test-no PHP-2374 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check PHP enable_dl option" if [ ${SKIPTEST} -eq 0 ]; then LogText "Test: Checking PHP enable_dl option" - FIND=$(egrep -i 'enable_dl.*(on|yes|1)' ${PHPINIFILE} | grep -v '^;') + FIND=$(${EGREPBINARY} -i 'enable_dl.*(on|yes|1)' ${PHPINIFILE} | ${GREPBINARY} -v '^;') if [ ! -z "${FIND}" ]; then Display --indent 4 --text "- Checking enable_dl option" --result "${STATUS_ON}" --color YELLOW Report "Result: enable_dl option is turned on, which can be used to enable more modules dynamically and circumventing security controls" @@ -223,7 +223,7 @@ Register --test-no PHP-2376 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check PHP allow_url_fopen option" if [ ${SKIPTEST} -eq 0 ]; then LogText "Test: Checking PHP allow_url_fopen option" - FIND=`egrep -i 'allow_url_fopen.*(off|no|0)' ${PHPINIFILE} | grep -v '^;'` + FIND=`${EGREPBINARY} -i 'allow_url_fopen.*(off|no|0)' ${PHPINIFILE} | ${GREPBINARY} -v '^;'` if [ "${FIND}" = "" ]; then Display --indent 4 --text "- Checking allow_url_fopen option" --result "${STATUS_ON}" --color YELLOW LogText "Result: allow_url_fopen option is turned on, which can be used for riskful downloads via PHP" @@ -246,7 +246,7 @@ Register --test-no PHP-2378 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check PHP allow_url_include option" if [ ${SKIPTEST} -eq 0 ]; then LogText "Test: Checking PHP allow_url_include option" - FIND=`egrep -i 'allow_url_include.*(off|no|0)' ${PHPINIFILE} | grep -v '^;'` + FIND=`${EGREPBINARY} -i 'allow_url_include.*(off|no|0)' ${PHPINIFILE} | ${GREPBINARY} -v '^;'` if [ "${FIND}" = "" ]; then Display --indent 4 --text "- Checking allow_url_include option" --result "${STATUS_ON}" --color YELLOW Report "Result: allow_url_include option is turned on, which can be used for riskful downloads via PHP" |