Phpinfo() Open Base Directory Is Disabled

OWASP 2013-A6 OWASP 2017-A3 CAPEC-346 CWE-213 ISO27001-A.18.1.3 WASC-13

The open base directory (open_basedir) directive in PHP is a security setting that defines the locations or paths from which PHP is allowed to access files. It is used to create a whitelist of the folders the web application may reach; any request for a file outside the open_basedir list is rejected. The check applies to PHP's file functions, such as fopen() and gzopen(). If open_basedir is turned off, an attacker will be able to access any file using PHP. The open_basedir setting can be found in the Apache configuration file (httpd.conf) under the setting name php_admin_value open_basedir. Using the phpinfo() function, an attacker can confirm whether the site has enabled or disabled the open base directory. If it is disabled, he can plan an attack accordingly.

Example

The following configuration line is an example of a disabled open_basedir.

        php_admin_value open_basedir none
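As an added example (not part of the original article), the weak setting above is shown beside a restrictive Apache virtual host configuration; the paths /var/www/example and /tmp and the host name example.test are assumed and should be replaced with the site's own document root and temporary directories.

```apache
# Weak: "none" clears the directive, so PHP may open any file the
# web server user can read.
<VirtualHost *:80>
    ServerName example.test
    DocumentRoot /var/www/example/public
    php_admin_value open_basedir none
</VirtualHost>

# Hardened: PHP file functions (fopen(), gzopen(), include, ...) are
# limited to the listed directory trees. Entries are separated by ":" on
# Linux (";" on Windows). Keep the trailing "/" so that "/var/www/example"
# does not also match "/var/www/example2" (open_basedir is a prefix match).
# php_admin_value cannot be overridden from .htaccess or ini_set().
<VirtualHost *:80>
    ServerName example.test
    DocumentRoot /var/www/example/public
    php_admin_value open_basedir "/var/www/example/:/tmp/"
    # Uploads and file-based sessions must live inside an allowed tree,
    # otherwise they fail once the restriction is active.
    php_admin_value upload_tmp_dir /tmp/
    php_admin_value session.save_path /tmp/
</VirtualHost>
```

After reloading Apache, confirm the value with phpinfo() or `php -i` in the relevant pool; open_basedir restricts only PHP's own file access, so commands run through exec() or system() are not covered by it.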

Impact

Using this vulnerability, an attacker can:

  • execute any files using PHP.
  • perform any attacks to extract sensitive information from the server.

Mitigation / Precaution

Beagle recommends the following fixes:

  • Enable open_basedir.
  • Use input filtering methods.
  • Use an updated version of PHP.
