[+] Lighttpd analysis

This module tests for lighttpd configuration files and binaries.
The configuration files are analysed for configuration issues.

The tests of these configuration files are based on the following sources:
    - Lighttpd - Docs_SSL
    - Alpine Linux - Lighttpd Advanced security
    - Hardening guide for lighttpd 1.4.26 on redhat Linux


==> Lighttpd binary analysis


[*] Vulnerability details for lighttpd / version 1.4.53 / source unknown:

	lighttpd            :   1.4.53      :   CVE-2019-11072    :   9.8       :   unknown        :   Exploit (Github: jreisinger_checkip (G))
	lighttpd            :   1.4.53      :   CVE-2022-22707    :   5.9       :   unknown        :   Exploit (Github: jreisinger_checkip (G))

[+] Found 2 CVEs and 2 exploits (including POC's) in lighttpd with version 1.4.53 (source unknown).


[*] Testing lighttpd binaries for binary protection mechanisms:

RELRO           STACK CANARY      NX            PIE             RPATH      RUNPATH	Symbols		FORTIFY	Fortified	Fortifiable	FILE
Partial RELRO   No canary found   NX disabled   No PIE          No RPATH   No RUNPATH   No Symbols	  No	0		10		/logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/lighttpd

[*] Testing lighttpd binaries for deprecated function calls:

[+] /usr/sbin/lighttpd (-rw-r--r-- root root) - common linux file: no - Vulnerable function: fprintf / Function count: 21 / networking: no


[+] /usr/sbin/lighttpd (-rw-r--r-- root root) - common linux file: no - Vulnerable function: mmap / Function count: 1 / Correct error handling: 2 


[+] /usr/sbin/lighttpd (-rw-r--r-- root root) - common linux file: no - Vulnerable function: printf / Function count: 1 / networking: no



==> Lighttpd configuration analysis for lighttpd.conf

[*] Testing web server configuration file /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/etc/lighttpd/lighttpd.conf

[*] Testing web server user
[+] Possible configuration issue detected: Web server running as root user:
    server.username  = "root"
[*] Testing web server root directory location
[*] Testing for additional web server binaries
[*] Testing for directory listing configuration
[*] Testing web server ssl.engine usage
[*] Testing web server pemfile location
[*] Configuration note: Web server using the following pem file
    	ssl.pemfile = "/NandDisk/ssl/kantechselfsigned/kantechselfsigned.pem"
[*] Testing web server private key file
[*] Testing web server BEAST mitigation
[*] Testing web server for SSL ciphers supported