Certified Ethical Hacker (CEH v11) — Question 73

What are common files on a web server that can be misconfigured and provide useful information for a hacker such as verbose error messages?

Answer options

• A. httpd.conf
• B. administration.config
• C. php.ini
• D. idq.dll

Correct answer: C

Explanation

The correct answer is C, php.ini, as it contains configurations for PHP settings, including error reporting that can expose sensitive information. Options A and B are relevant configuration files, but they do not specifically deal with PHP error messages. Option D, idq.dll, is a dynamic link library related to IIS and does not typically provide the same level of detailed error information as php.ini.