......@@ -191,6 +191,17 @@ if($has_ispconfig) {
}
mysqli_close($res);
}
$retcode = 0;
$retout = array();
if($clientdb_password) {
exec('mysql -h ' . escapeshellarg($clientdb_host) . ' -u ' . escapeshellarg($clientdb_user) . ' -D ' . escapeshellarg($conf['db_database']) . ' -p' . escapeshellarg($clientdb_password) . ' -e "SHOW TABLES"', $retout, $retcode);
} else {
exec('mysql -h ' . escapeshellarg($clientdb_host) . ' -u ' . escapeshellarg($clientdb_user) . ' -D ' . escapeshellarg($conf['db_database']) . ' -e "SHOW TABLES"', $retout, $retcode);
}
if($retcode != 0) {
outlog("[WARN] Could not use mysql command line to connect to the database. Check your mysql config!");
}
}
// try to check connection to interface
......@@ -203,6 +214,28 @@ if($has_ispconfig) {
outlog("[INFO] No ISPConfig found.");
}
outlog("\n##### VERSION CHECK #####\n");
$php_version = phpversion();
outlog("[INFO] php (cli) version is $php_version");
$php_cgi_version = false;
if(is_file('/usr/lib/cgi-bin/php5') || is_link('/usr/lib/cgi-bin/php5')) {
$check = shell_exec('/usr/lib/cgi-bin/php5 -v');
$ok = preg_match('/^PHP\s+((\d+)\.(\d+)\.(\d+)((?:-\d+)?\+\w+\d+))\s+/', $check, $match);
if($ok) {
$php_cgi_version = $match[1];
outlog("[INFO] php-cgi (used for cgi php in default vhost!) is version $php_cgi_version");
if($match[2] < 5) {
outlog("[WARN] Are you kidding? Still PHP 4???");
} elseif(($match[2] == 5 && $match[3] < 3) || ($match[2] == 5 && $match[3] == 3 && ($match[4] < 12 && ($match[4] != 3 || !preg_match('/^-7\+squeeze1[67]$/', $match[5]))))) {
outlog("[WARN] Your php-cgi in /usr/lib/cgi-bin/ seems to be outdated and might contain a known exploit ($match[5])!");
} elseif($match[2] == 5 && $match[3] == 4 && $match[4] < 2) {
outlog("[WARN] Your php-cgi in /usr/lib/cgi-bin/ seems to be outdated and might contain a known exploit!");
}
}
}
outlog("\n##### PORT CHECK #####\n");
// check if port 8080 is listening if ISPConfig is installed
......@@ -274,7 +307,6 @@ foreach($check_services as $name => $port) {
outlog("\n##### LISTENING PORTS #####\n" . $netstat_out . "\n\n");
outlog("\n##### IPTABLES #####\n" . $iptables_out . "\n\n");
if(OUTPUT == false) {
print "\n##### SCRIPT FINISHED #####\n";
print "Results can be found in htf_report.txt\n";
......@@ -283,4 +315,3 @@ if(OUTPUT == false) {
}
exit;
?>
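Review bot: The password branch of the new mysql command-line check in the first hunk (`exec('mysql -h ' … ' -p' . escapeshellarg($clientdb_password) …)`) places the database password in the command string. escapeshellarg() stops shell injection, but the full string still becomes the argument of the shell that exec() spawns, and on a default Linux setup other local users can probably read it from the process list while the check runs. I would hand the password to the client through a private option file given as `--defaults-extra-file`, which has to be the first option, and remove the file afterwards. That also lets the two near-identical exec() calls collapse into one. The enclosing `if($has_ispconfig)` block starts outside the hunk, so the sketch below shows only the rewritten lines.

```php
// … unchanged: $retcode / $retout initialisation …
$mysql_cmd = 'mysql';
$optfile = false;
if($clientdb_password) {
	// keep the password out of argv: pass it in an option file only this user can read
	$optfile = tempnam(sys_get_temp_dir(), 'htf');
	chmod($optfile, 0600);
	file_put_contents($optfile, "[client]\npassword=\"" . addcslashes($clientdb_password, "\\\"") . "\"\n");
	$mysql_cmd .= ' --defaults-extra-file=' . escapeshellarg($optfile);
}
exec($mysql_cmd . ' -h ' . escapeshellarg($clientdb_host) . ' -u ' . escapeshellarg($clientdb_user) . ' -D ' . escapeshellarg($conf['db_database']) . ' -e "SHOW TABLES"', $retout, $retcode);
if($optfile) {
	unlink($optfile);
}
// … unchanged: $retcode check and outlog() warning …
```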