AnonSec Shell
Server IP : 85.193.89.191  /  Your IP : 3.12.74.66
Web Server : Apache
System : Linux 956367-cx40159.tmweb.ru 3.10.0-1160.105.1.el7.x86_64 #1 SMP Thu Dec 7 15:39:45 UTC 2023 x86_64
User : bitrix ( 600)
PHP Version : 8.1.27
Disable Function : NONE
MySQL : OFF  |  cURL : OFF  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /home/bitrix/www/bitrix/modules/security/classes/general/tests/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME ]     

Current File : /home/bitrix/www/bitrix/modules/security/classes/general/tests/site_configuration.php
<?php

/**
 * Bitrix Framework
 * @package bitrix
 * @subpackage security
 * @copyright 2001-2013 Bitrix
 */

use Bitrix\Main\SystemException;

/**
 * Class CSecuritySiteConfigurationTest
 * @since 12.5.0
 */
class CSecuritySiteConfigurationTest
	extends CSecurityBaseTest
{
	protected $internalName = "SiteConfigurationTest";

	protected $tests = array(
		"securityLevel" => array(
			"method" => "checkSecurityLevel"
		),
		"errorReporting" => array(
			"method" => "checkErrorReporting",
			"base_message_key" => "SECURITY_SITE_CHECKER_ERROR_REPORTING",
			"critical" => CSecurityCriticalLevel::MIDDLE
		),
		"exceptionDebug" => array(
			"method" => "checkExceptionDebug",
			"base_message_key" => "SECURITY_SITE_CHECKER_EXCEPTION_DEBUG",
			"critical" => CSecurityCriticalLevel::HIGHT
		),
		"dbDebug" => array(
			"method" => "checkDbDebug",
			"base_message_key" => "SECURITY_SITE_CHECKER_DB_DEBUG",
			"critical" => CSecurityCriticalLevel::HIGHT
		),
		"dbPassword" => array(
			"method" => "checkDbPassword"
		),
		"scriptExtension" => array(
			"method" => "checkScriptExtension"
		),
		"modulesVersion" => array(
			"method" => "checkModulesVersion"
		)
	);

	protected static $expectedScriptExtensions = "php,php3,php4,php5,php6,phtml,pl,asp,aspx,cgi,dll,exe,ico,shtm,shtml,fcg,fcgi,fpl,asmx,pht,py,psp";

	public function __construct()
	{
		IncludeModuleLangFile(__FILE__);
	}

	/**
	 * Check if saved script file extension is up to date
	 */
	protected function checkScriptExtension()
	{
		$actualExtensions = getScriptFileExt();
		$missingExtensions = array_diff(
			explode(",", self::$expectedScriptExtensions),
			$actualExtensions
		);

		if(!empty($missingExtensions))
		{
			$this->addUnformattedDetailError(
				"SECURITY_SITE_CHECKER_DANGER_EXTENSIONS",
				CSecurityCriticalLevel::HIGHT,
				getMessage("SECURITY_SITE_CHECKER_DANGER_EXTENSIONS_ADDITIONAL", array(
					"#EXPECTED#" => self::$expectedScriptExtensions,
					"#ACTUAL#" => join(",", $actualExtensions),
					"#MISSING#" => join(",", $missingExtensions)
				))
			);
			return self::STATUS_FAILED;
		}

		return self::STATUS_PASSED;
	}

	protected function checkSecurityLevel()
	{
		$isFailed = false;
		if(!CSecurityFilter::IsActive())
		{
			$this->addUnformattedDetailError("SECURITY_SITE_CHECKER_WAF_OFF", CSecurityCriticalLevel::HIGHT);
			$isFailed = true;
		}
		if(!CSecurityRedirect::IsActive())
		{
			$this->addUnformattedDetailError("SECURITY_SITE_CHECKER_REDIRECT_OFF", CSecurityCriticalLevel::MIDDLE);
			$isFailed = true;
		}

		$adminPolicy = \CCheckListTools::AdminPolicyLevel();
		if($adminPolicy != "high")
		{
			$this->addUnformattedDetailError(
				"SECURITY_SITE_CHECKER_ADMIN_SECURITY_LEVEL",
				$adminPolicy == "middle" ? CSecurityCriticalLevel::LOW : CSecurityCriticalLevel::HIGHT
			);
			$isFailed = true;
		}

		if($isFailed)
			return self::STATUS_FAILED;
		else
			return self::STATUS_PASSED;
	}

	/**
	 * Return true if debug = off
	 *
	 * @return bool
	 * @since 14.0.0
	 */
	protected function checkDbDebug()
	{
		/** @global CDataBase $DB */
		global $DB;

		if($DB->debug)
			return self::STATUS_FAILED;
		else
			return self::STATUS_PASSED;
	}

	/**
	 * Return true if error_reporting = 0
	 *
	 * @return bool
	 * @since 14.0.0
	 */
	protected function checkErrorReporting()
	{
		$validErrorReporting = E_COMPILE_ERROR|E_ERROR|E_CORE_ERROR|E_PARSE;
		if (
			COption::GetOptionInt("main", "error_reporting", $validErrorReporting) != $validErrorReporting
			&& COption::GetOptionInt("main","error_reporting","") != 0
		)
			return self::STATUS_FAILED;
		else
			return self::STATUS_PASSED;
	}

	/**
	 * Return true if exception_handling debug = false
	 *
	 * @return bool
	 * @since 14.0.0
	 */
	protected function checkExceptionDebug()
	{
		$exceptionConfig = \Bitrix\Main\Config\Configuration::getValue('exception_handling');
		if(
			is_array($exceptionConfig)
			&& isset($exceptionConfig['debug'])
			&& $exceptionConfig['debug']
		)
			return self::STATUS_FAILED;
		else
			return self::STATUS_PASSED;
	}

	/**
	 * Return true if module updates available
	 *
	 * @return bool
	 * @since 14.0.2
	 */
	protected function checkModulesVersion()
	{
		try
		{
			$updates = static::getAvailableUpdates();
			if(!empty($updates))
			{
				$this->addUnformattedDetailError(
					"SECURITY_SITE_CHECKER_MODULES_VERSION",
					CSecurityCriticalLevel::HIGHT,
					getMessage("SECURITY_SITE_CHECKER_MODULES_VERSION_ARRITIONAL", array(
						"#MODULES#" => nl2br(htmlspecialcharsbx(join("\n", $updates)))
					))
				);
				return self::STATUS_FAILED;
			}
		}
		catch (SystemException $e)
		{
			$this->addUnformattedDetailError("SECURITY_SITE_CHECKER_MODULES_VERSION_ERROR", CSecurityCriticalLevel::HIGHT);
			return self::STATUS_FAILED;
		}

		return self::STATUS_PASSED;
	}

	protected function checkDbPassword()
	{
		/** @global CDataBase $DB */
		global $DB;
		$password = $DB->DBPassword;
		$sign = ",.#!*%$:-^@{}[]()'\"-+=<>?`&;";
		$dit = "1234567890";
		if(trim($password) == "")
		{
			$this->addUnformattedDetailError("SECURITY_SITE_CHECKER_DB_EMPTY_PASS", CSecurityCriticalLevel::HIGHT);
		}
		else
		{
			if($password == mb_strtolower($password))
			{
				$this->addUnformattedDetailError("SECURITY_SITE_CHECKER_DB_SAME_REGISTER_PASS", CSecurityCriticalLevel::HIGHT);
			}
			if(strpbrk($password, $sign) === false)
			{
				$this->addUnformattedDetailError("SECURITY_SITE_CHECKER_DB_NO_SIGN_PASS", CSecurityCriticalLevel::HIGHT);
			}
			if(strpbrk($password, $dit) === false)
			{
				$this->addUnformattedDetailError("SECURITY_SITE_CHECKER_DB_NO_DIT_PASS", CSecurityCriticalLevel::HIGHT);
			}
			if (mb_strlen($password) < 8)
			{
				$this->addUnformattedDetailError("SECURITY_SITE_CHECKER_DB_MIN_LEN_PASS", CSecurityCriticalLevel::HIGHT);
			}
		}
	}

	/**
	 * @since 14.0.7
	 * @return array
	 * @throws Bitrix\Main\SystemException
	 */
	protected static function getAvailableUpdates()
	{
		require_once($_SERVER['DOCUMENT_ROOT'].'/bitrix/modules/main/classes/general/update_client.php');

		$errors = null;
		$installedModules = CUpdateClient::GetCurrentModules($errors);
		if ($errors !== null)
			throw new SystemException($errors);

		$stableVersionsOnly = COption::GetOptionString('main', 'stable_versions_only', 'Y');
		$errors = null;
		$updateList = CUpdateClient::GetUpdatesList($errors, LANG, $stableVersionsOnly);
		if ($errors !== null)
			throw new SystemException($errors);

		if (
			!isset($updateList['MODULES'])
			|| !is_array($updateList['MODULES'])
			|| !isset($updateList['MODULES'][0]['#'])
		)
		{
			throw new SystemException('Empty update modules list');
		}

		$result = array();
		if (!$updateList['MODULES'][0]['#'])
		{
			return $result;
		}

		if (
			!isset($updateList['MODULES'][0]['#']['MODULE'])
			|| !is_array($updateList['MODULES'][0]['#']['MODULE'])
		)
		{
			throw new SystemException('Empty update module list');
		}

		foreach ($updateList['MODULES'][0]['#']['MODULE'] as $module)
		{
			if (array_key_exists($module['@']['ID'], $installedModules))
				$result[] = $module['@']['ID'];
		}

		return $result;
	}
}

Anon7 - 2022
AnonSec Team