From: Roland Häder
Date: Sun, 8 Jun 2025 23:42:19 +0000 (+0200)
Subject: Continued:
X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=47f9ae1575d029b345cda75721f9e3fe063f2872;p=ctracker.git

Continued:
- detect/block XDEBUG_*
- eval-stdin.php is from PHPUnit (which for various reasons should NOT be installed on productive servers)
- added `=phpinfo` varriant
---
diff --git a/libs/lib_detector.php b/libs/lib_detector.php
index 92ffbbd..c4dcf10 100644
--- a/libs/lib_detector.php
+++ b/libs/lib_detector.php
@@ -57,6 +57,9 @@ function initCrackerTrackerArrays () {
 'HTTP_USER_AGENT', 'HTTP_HOST', 'HTTP_PHP', '_SESSION', 'CFG_ROOT', 'DOCUMENT_ROOT', '_SERVER',
+ // Don't run XDEBUG on production servers
+ 'XDEBUG_',
+ // Sensitive files
 '/environ', 'etc/shadow', 'etc/gshadow', 'etc/passwd', 'etc/group', 'etc/./shadow', 'etc/./gshadow', 'etc/./passwd', 'etc/./group',
@@ -106,10 +109,13 @@ function initCrackerTrackerArrays () {
 'open_basedir', 'suhosin', 'cgi.force_redirect', 'cgi.redirect_status_env',
 // PHP commands/scripts
- 'fopen', 'fwrite', 'phpinfo()', '\', 'base64_decode', 'file_put_contents',
+ 'fopen', 'fwrite', 'phpinfo()', '=phpinfo', '\', 'base64_decode', 'file_put_contents',
 'set_magic_quotes_runtime', 'set_magic_quotes_runtime', 'display_errors', 'passthru', 'call_user_func', 'set_time_limit', 'urldecode',
+ // PHPUnit is strictly console!
+ 'eval-stdin.php',
+ // php.ini variables
 'disable_functions', 'safe_mode', 'allow_url_include', 'auto_prepend_file',
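Review bot: The new `'XDEBUG_'` entry is written in upper case only, so whether differently-cased probes for the same Xdebug trigger are recorded depends on how the comparison in the matching code (outside this hunk) is done; confirm that comparison is case-insensitive, or add `'xdebug_',` beside it. The same question applies to `'=phpinfo'` in the second hunk, since PHP resolves function names case-insensitively. The comment `// Don't run XDEBUG on production servers` states a policy rather than what the pattern matches; `// Xdebug trigger parameter/cookie names (XDEBUG_SESSION_START, XDEBUG_TRIGGER, XDEBUG_SESSION); a debugger must not be reachable on a production host` would tell the next maintainer why the prefix form was chosen. initCrackerTrackerArrays starts before this hunk and continues after it.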