
Asanhamayesh CMS 3.4.6 - Local File Inclusion

By kannthu

High
#asanhamayesh #lfi #traversal
Description

What is "Asanhamayesh CMS 3.4.6 - Local File Inclusion"?

The "Asanhamayesh CMS 3.4.6 - Local File Inclusion" module is designed to detect a vulnerability in the Asanhamayesh CMS 3.4.6 software. This vulnerability allows an attacker to include local files from the server, potentially leading to unauthorized access or disclosure of sensitive information. The severity of this vulnerability is classified as high.

This module was authored by 0x_Akoko.

Impact

If successfully exploited, the local file inclusion vulnerability in Asanhamayesh CMS 3.4.6 can have serious consequences. An attacker could potentially access sensitive files on the server, such as configuration files or user credentials. This could lead to further compromise of the system or unauthorized access to sensitive information.

How does the module work?

The module sends an HTTP GET request to the target server in which the "file" query parameter carries a directory traversal sequence that triggers the local file inclusion vulnerability. For example, it may send a request to "/downloadfile.php?file=../../../../../../../../../../etc/passwd".

The module then applies matching conditions to the response received from the server. In this case, it uses a regular expression matcher to check whether the response matches the pattern "root:[x*]:0:0", which corresponds to the root entry of /etc/passwd. It also checks that the response status code is 200. The module reports the vulnerability only if both conditions are met.

By detecting this vulnerability, the module helps identify potential security risks in Asanhamayesh CMS 3.4.6 installations and allows for timely remediation to prevent unauthorized access and data breaches.
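For the defender's side of the request described above, the following added example (not part of the Vidoc module or the original page) scans web server access logs for traversal attempts against the "file" parameter of /downloadfile.php. It assumes the common combined log format; the sample log lines and the function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Request portion of a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3}) ')
ENDPOINT = "/downloadfile.php"  # path named on this page
PARAM = "file"                  # query parameter named on this page

def fully_decode(value, max_rounds=5):
    """Percent-decode repeatedly so nested encodings are normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal(value):
    """True if the decoded value contains a parent-directory segment."""
    path = fully_decode(value).replace("\\", "/")
    return ".." in path.split("/")

def find_lfi_probes(lines):
    """Return (client ip, status, decoded file value) for suspicious requests."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        if url.path.lower() != ENDPOINT:
            continue
        for value in parse_qs(url.query, keep_blank_values=True).get(PARAM, []):
            if is_traversal(value):
                hits.append((m["ip"], int(m["status"]), fully_decode(value)))
    return hits

# Constructed sample log lines (not taken from a real server).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET /downloadfile.php?file=../../../../../../../../../../etc/passwd HTTP/1.1" 200 1532 "-" "scanner"',
    '203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /downloadfile.php?file=%252e%252e%252fconfig.php HTTP/1.1" 404 210 "-" "scanner"',
    '198.51.100.4 - - [01/Jan/2024:10:00:02 +0000] "GET /downloadfile.php?file=program.pdf HTTP/1.1" 200 88211 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, status, value in find_lfi_probes(SAMPLE_LOG):
        print(f"{ip} status={status} file={value}")
```

A hit logged with status 200 deserves priority during triage, since that is the same status the module requires before it reports the vulnerability.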

Reference:

- https://cxsecurity.com/issue/WLB-2018030006

- https://asanhamayesh.com

Module preview

Concurrent Requests (1)

1. HTTP Request template
   GET /downloadfile.php?fi...
   Matching conditions:
   regex: root:[x*]:0:0 and status: 200

Passive global matcher: No matching conditions.

On match action: Report vulnerability