Class: Zoom::SecurityProfile::UnsafePhp

Inherits:
Zoom::SecurityProfile show all
Defined in:
lib/zoom/profile/unsafe_php.rb

Instance Attribute Summary

Attributes inherited from Profile

#exts, #files, #format_flags, #regex, #taggable


Methods inherited from Zoom::SecurityProfile

#after, #before, #exe, #flags, #grep_like_format_flags, #only_exts_and_files, #preprocess, #tool, #translate

Methods inherited from Profile

#after, #before, #class_name, #exe, #flags, from_json, #grep_like_format_flags, #grep_like_tags?, #name, #only_exts_and_files, #preprocess, profile_by_name, subclasses, #to_s, #tool, #translate

Constructor Details

#initialize(n = nil, t = nil, f = nil, b = nil, a = nil) ⇒ UnsafePhp

Returns a new instance of UnsafePhp.



# File 'lib/zoom/profile/unsafe_php.rb', line 2

# Builds the "unsafe PHP" security profile: restricts the search to PHP
# source extensions and assembles one alternation pattern (a String, not a
# Regexp, joined with "|") that flags backtick shell execution, direct
# `$_GET[` reads, include/require statements and calls to a list of
# dangerous PHP functions.
#
# @param n [Object, nil] forwarded to the parent constructor as the profile name
# @param t [Object, nil] accepted for signature compatibility only; it is
#   replaced by Zoom::ProfileManager.default_tool before super is called
# @param f [Object, nil] forwarded to the parent constructor
# @param b [Object, nil] forwarded to the parent constructor
# @param a [Object, nil] forwarded to the parent constructor
# @return [UnsafePhp]
def initialize(n = nil, t = nil, f = nil, b = nil, a = nil)
    # The caller-supplied tool is discarded: this profile always runs under
    # the ProfileManager's default tool. NOTE(review): presumably intended
    # (security profiles pin their tool) — confirm, otherwise `t ||=`.
    t = Zoom::ProfileManager.default_tool

    super(n, t, f, b, a)
    @exts = %w[php php3 php4 php5 phpt phtml]

    # Regex fragments for function names, taken from
    # https://www.eukhost.com/blog/webhosting/dangerous-php-functions-must-be-disabled/
    # OMG is anything safe?!
    # NOTE(review): the list mixes true sinks (eval, exec, passthru, ...) with
    # entries such as escapeshell(arg|cmd) that are mitigations rather than
    # sinks, and "fp(ut)?" matches "fp("/"fput(" — confirm these are the
    # intended names (PHP's function is fputs).
    dangerous_functions = %w[
        apache_(child_terminate|setenv)
        assert
        create_function
        define_syslog_variables
        escapeshell(arg|cmd)
        eval
        fp(ut)?
        ftp_(connect|exec|get|login|(nb_f)?put|raw(list)?)
        highlight_file
        ini_(alter|get_all|restore)
        inject_code
        mysql_pconnect
        openlog
        passthru
        pcntl_exec
        php_uname
        phpAds_(remoteInfo|XmlRpc|xmlrpc(De|En)code)
        popen
        posix_(getpwuid|kill|mkfifo|set(pg|s|u)id|uname)
        preg_replace
        proc_(close|get_status|nice|open|terminate)
        (shell_)?exec
        sys(log|tem)
        xmlrpc_entity_decode
    ]

    # A function name immediately followed by an opening parenthesis.
    call_pattern = "(#{dangerous_functions.join('|')})\\("
    # include / require and their _once variants.
    include_pattern = "(include|require)(_once)?"
    # Only `$_GET[` is covered; other request superglobals ($_POST,
    # $_REQUEST, $_COOKIE) are not part of this pattern.
    get_superglobal = "\\$_GET\\["
    # Backtick operator (shell execution).
    backtick = "`"
    # Start of line or a character that cannot continue an identifier, so
    # "myexec(" is not matched. Digits, "$" and ">" are not excluded, so
    # "$obj->exec(" still matches.
    not_preceded_by_identifier = "(^|[^\\nA-Za-z_])"

    keyword_or_call = "#{not_preceded_by_identifier}(#{include_pattern}|#{call_pattern})"

    # Final pattern is handed to the configured tool as a plain string; the
    # regex dialect is therefore the tool's, not Ruby's.
    @regex = [backtick, get_superglobal, keyword_or_call].join("|")
end