hisoka Posted April 2, 2016 Share Posted April 2, 2016 I downloaded a program called PHP security Audit Tool from this site : https://sourceforge.net/projects/phpsecaudit/ then looked to the instructions used to run it in the bottom of this page : https://sourceforge.net/p/phpsecaudit/code/HEAD/tree/ However I tried for hours but I could not make it run on my windows XP with Apache server and PHP I need help Link to comment Share on other sites More sharing options...
justsomeguy Posted April 4, 2016 Share Posted April 4, 2016 You're executing PHP in the console, right? You run PHP, tell it to execute the audit package, and then pass the directory or file to audit. Link to comment Share on other sites More sharing options...
hisoka Posted April 5, 2016 Author Share Posted April 5, 2016 This is what I did so far : I opened cmd in windows and changed to C:\Program Files\PHP\script\phpsecaudit where the audit software resides . Now that I am in the directory like this : C:\Program Files\PHP\script\phpsecaudit> I run this command : C:\Program Files\PHP\script\phpsecaudit>php run.php --src dilver.php dilver.php is the file i want the audit tool to analyse and --src is to specify the file which is dilver.php However I go this along with an error : <? /* * $Id: TokenUtils.php 28215 2005-07-28 02:53:05Z hkodungallur $ * * Copyright© 2004-2005, SpikeSource Inc. All Rights Reserved. * Licensed under the Open Software License version 2.1 * (See http://www.spikesource.com/license.html) */?>PHP Fatal error: Call-time pass-by-reference has been removed in C:\Program Files\PHP\script\phpsecaudit\xml_utils.php on line 31PHP Stack trace:PHP 1. {main}() C:\Program Files\PHP\script\phpsecaudit\run.php:0PHP 2. require_once() C:\Program Files\PHP\script\phpsecaudit\run.php:74Fatal error: Call-time pass-by-reference has been removed in C:\Program Files\PHP\script\phpsecaudit\xml_utils.php on line 31Call Stack: 0.0053 131368 1. {main}() C:\Program Files\PHP\script\phpsecaudit\run.php:0 0.0089 186312 2. require_once('C:\Program Files\PHP\script\phpsecaudit\Analyzer.php') C:\Program Files\PHP\script\phpsecaudit\run.php:74 No idea what is happening and how to correct it ??? Link to comment Share on other sites More sharing options...
justsomeguy Posted April 5, 2016 Share Posted April 5, 2016 It sounds like that security audit package does not run in PHP 5.4 or later, which removed call-time pass by reference. Maybe there's an updated version on their home page. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now