CODE_DESC: "This web-accessible script will list security recommendations after scanning available PHP configuration variables and functions for common exploit vectors."
SOURCE_CODE:
Will this PHP harm/modifiy/etc my system if run?
CODE_DESC: "This web-accessible script will list security recommendations after scanning available PHP configuration variables and functions for common exploit vectors."
SOURCE_CODE:
Will this PHP harm/modifiy/etc my system if run?
You should set up a test server to run this against. Basically, you should never run unknown, untrusted third-party code against your production set up.
I looked at the code
Basically it's running through a bunch of php commands / functions / classes and seeing what they return
I've ran scripts like this in the past; its basically checking the integrity of php.ini and different versions of php
Shouldn't be harm in it, but always exercise caution running someone else's code.
If your interested in security testing, http://www.owasp.org/index.php/Main_Page is a great resource. I've used their resources many times in testing for PCI and ISO. They have many tools geared towards PHP / mysql, etc...