From 4df28ca6594fe21fd842e2a41303624834e21019 Mon Sep 17 00:00:00 2001
From: Michael Boelen
Date: Thu, 23 Aug 2018 12:23:48 +0200
Subject: [PHP-2372] test all PHP files for expose_php and improved logging
---
 include/tests_php | 28 ++++++++++++++++++----------
 1 file changed, 18 insertions(+), 10 deletions(-)
(limited to 'include/tests_php')
diff --git a/include/tests_php b/include/tests_php
index 4e76b15d..4da3c44c 100644
--- a/include/tests_php
+++ b/include/tests_php
@@ -223,25 +223,33 @@
 #################################################################################
 #
 # Test : PHP-2372
- # Description : Check php expose_php option
- # Notes : Extend test to check all PHP files YYY
- if [ ! -z "${PHPINIFILE}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
+ # Description : Check PHP expose_php option
+ # Background : When this option is turned on, PHP will show its version number in the HTTP headers
+ # Notes : TODO - Extend test to check all PHP files
+ if [ ! -z "${PHPINI_ALLFILES}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
 Register --test-no PHP-2372 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check PHP expose_php option"
 if [ ${SKIPTEST} -eq 0 ]; then
- LogText "Test: Checking expose_php option"
- FIND=$(${EGREPBINARY} -i 'expose_php.*(off|no|0)' ${PHPINIFILE} | ${GREPBINARY} -v '^;')
- if [ -z "${FIND}" ]; then
+ FOUND=0
+ for FILE in ${PHPINI_ALLFILES}; do
+ LogText "Test: Checking file ${FILE}"
+ FIND=$(${EGREPBINARY} -i 'expose_php.*(on|yes|1)' ${FILE} | ${GREPBINARY} -v '^;')
+ if HasData "${FIND}"; then
+ LogText "Result: found a a possible match on expose_php setting"
+ LogText "Data: ${FIND}"
+ FOUND=1
+ fi
+ done
+
+ if [ ${FOUND} -eq 1 ]; then
 Display --indent 4 --text "- Checking expose_php option" --result "${STATUS_ON}" --color RED
- ReportWarning ${TEST_NO} "PHP option expose_php is possibly turned on, which can reveal useful information for attackers."
- ReportSuggestion ${TEST_NO} "Change the expose_php line to: expose_php = Off"
+ ReportSuggestion ${TEST_NO} "Turn off PHP information exposure" "expose_php = Off" "-"
 Report "Result: expose_php option is turned on, which can expose useful information for an attacker"
- AddHP 1 2
+ AddHP 1 3
 else
 Display --indent 4 --text "- Checking expose_php option" --result "${STATUS_OFF}" --color GREEN
 LogText "Result: Found 'expose_php' in disabled state (0, no, or off)"
 AddHP 2 2
 fi
- # TODO Check through all files
 fi
 #
 #################################################################################
-- 
cgit v1.2.3
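Review bot: The new loop reports expose_php as disabled whenever no uncommented `expose_php.*(on|yes|1)` line exists, but PHP's built-in default for expose_php is On, so a set of php.ini files that never mentions the directive now takes the GREEN branch and logs "Found 'expose_php' in disabled state" although no such line was found — the removed `off|no|0` check caught exactly that case. The match is also loose in the other direction: the greedy `.*` lets a trailing comment such as `expose_php = Off ; default is on` produce a finding, and `-v '^;'` keeps commented lines that are indented. I would track separately whether any active expose_php line was seen at all, anchor the value match on `=`, and treat "never set" as On; while there, the log line reads `found a a possible match`, which should be `LogText "Result: found a possible match on expose_php setting"`. `${PHPINI_ALLFILES}` and `${FILE}` are expanded unquoted, so a path containing whitespace would be split — probably acceptable for php.ini locations, but worth a comment.
```shell
    FOUND=0
    SEEN=0
    for FILE in ${PHPINI_ALLFILES}; do
        LogText "Test: Checking file ${FILE}"
        # Only uncommented expose_php lines count; leading whitespace before ';' is still a comment
        ACTIVE=$(${GREPBINARY} -i 'expose_php' ${FILE} | ${GREPBINARY} -v '^[[:space:]]*;')
        if HasData "${ACTIVE}"; then
            SEEN=1
            FIND=$(echo "${ACTIVE}" | ${EGREPBINARY} -i 'expose_php[[:space:]]*=[[:space:]]*(on|yes|1)')
            if HasData "${FIND}"; then
                LogText "Result: found a possible match on expose_php setting"
                LogText "Data: ${FIND}"
                FOUND=1
            fi
        fi
    done
    # An absent directive falls back to PHP's built-in default, which is On
    if [ ${SEEN} -eq 0 ]; then
        LogText "Result: expose_php not set in any php.ini file, assuming PHP default (On)"
        FOUND=1
    fi
    # … unchanged: Display / ReportSuggestion / AddHP branches …
```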