PHP Insufficiently Protected Credentials
Description
Detects when credentials or sensitive data are insufficiently protected in PHP cURL requests. This occurs when authentication credentials are passed through cURL options without proper security measures, potentially exposing sensitive information in logs, error messages, or during transmission.
Detection Strategy
• Look for PHP curl_setopt function calls in the codebase
• Check if the cURL options contain credential-related parameters (like CURLOPT_USERPWD, CURLOPT_PROXYUSERPWD)
• Verify if these credentials are passed directly as string literals or variables without proper encryption or protection
• Report a vulnerability if credentials are found to be handled insecurely in the cURL configuration
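The detection strategy above can be sketched as a small source scanner. This is an added example, not Fluid Attacks' own rule: the function names, the line-based regex matching, and the sample PHP input are assumptions made for illustration. It flags the two options named above when their value is a fixed string literal or a variable that was assigned one.

```python
import re

# Credential-bearing cURL options named in the detection strategy above.
CRED_OPTS = "CURLOPT_USERPWD|CURLOPT_PROXYUSERPWD"
STR = r"\"(?:[^\"\\]|\\.)*\"|'(?:[^'\\]|\\.)*'"  # one PHP quoted string
# curl_setopt(<handle>, <credential option>, <one literal or one $variable>)
CALL_RE = re.compile(r"curl_setopt\s*\(\s*[^,]+,\s*(?P<opt>" + CRED_OPTS +
                     r")\s*,\s*(?P<val>" + STR + r"|\$\w+)\s*\)")
ASSIGN_RE = re.compile(r"(\$\w+)\s*=(?![=>])\s*(.+?)\s*;\s*$")  # $var = <expr>;
INTERP_RE = re.compile(r"(?<!\\)\$[A-Za-z_{]")  # "$var" or "${var}" interpolation

def is_plain_literal(expr):
    """True for a quoted string whose content is fixed in the source file."""
    # Single-quoted PHP strings never interpolate; double-quoted ones may.
    return bool(re.fullmatch(STR, expr)) and (
        expr[0] == "'" or not INTERP_RE.search(expr))

def find_hardcoded_curl_credentials(php_source):
    """Return (line, option, reason) for each hardcoded credential given to curl_setopt."""
    literal_vars, findings = {}, []
    for lineno, line in enumerate(php_source.splitlines(), 1):
        if line.lstrip().startswith(("//", "#", "*", "/*")):
            continue  # simplification: only whole-line comments are skipped
        assign = ASSIGN_RE.search(line)
        if assign:  # track variables holding a literal; forget them on reassignment
            if is_plain_literal(assign.group(2)):
                literal_vars[assign.group(1)] = lineno
            else:
                literal_vars.pop(assign.group(1), None)
        for call in CALL_RE.finditer(line):
            opt, val = call.group("opt"), call.group("val")
            if val in literal_vars:
                findings.append((lineno, opt, f"{val} set to a literal on line {literal_vars[val]}"))
            elif is_plain_literal(val):
                findings.append((lineno, opt, "string literal"))
    return findings

# Constructed sample input (not from a real code base).
SAMPLE = r'''<?php
$ch = curl_init("https://api.example.com/data");
curl_setopt($ch, CURLOPT_USERPWD, "admin:secret123");
$proxy_auth = 'proxyuser:proxypass';
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxy_auth);
$api_user = getenv("API_USER");
$api_pass = getenv("API_PASS");
curl_setopt($ch, CURLOPT_USERPWD, "$api_user:$api_pass");
// curl_setopt($ch, CURLOPT_USERPWD, "old:creds");
'''

if __name__ == "__main__":
    print(find_hardcoded_curl_credentials(SAMPLE))
```

Values built by concatenation or spread across several lines are not matched by this sketch; a production rule would work on the parsed syntax tree instead of on lines.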
Vulnerable code example
<?php
$ch = curl_init("https://api.example.com/data");
// Vulnerable: Hardcoded credentials directly in CURLOPT_USERPWD
curl_setopt($ch, CURLOPT_USERPWD, "admin:secret123");
curl_exec($ch);
curl_close($ch);
✅ Secure code example
<?php
$ch = curl_init("https://api.example.com/data");
// Get credentials from environment variables instead of hardcoding
$api_user = getenv("API_USER");
$api_pass = getenv("API_PASS");
// Set credentials from environment variables for secure authentication
curl_setopt($ch, CURLOPT_USERPWD, $api_user . ":" . $api_pass);
curl_exec($ch);
curl_close($ch);