Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Blue Ocean Excellence - Local File Inclusion

By kannthu

High
Vidoc logoVidoc Module
#blue-ocean#lfi
Description

What is "Blue Ocean Excellence - Local File Inclusion?"

The "Blue Ocean Excellence - Local File Inclusion" module is designed to detect vulnerabilities related to local file inclusion in the Blue Ocean Excellence software. This module focuses on identifying misconfigurations or vulnerabilities that could potentially be exploited by attackers. The severity of this vulnerability is classified as high, indicating the potential for significant impact if exploited.

This module was authored by pikpikcu.

Impact

A local file inclusion vulnerability allows an attacker to include arbitrary files from the target system, potentially exposing sensitive information or executing malicious code. In the case of Blue Ocean Excellence, this vulnerability could lead to unauthorized access to system files, compromising the confidentiality and integrity of the software and potentially the entire system.

How does the module work?

The "Blue Ocean Excellence - Local File Inclusion" module works by sending HTTP requests to the target system, specifically targeting the "/download.php?file=../../../../../etc/passwd" path. This path is commonly used to retrieve system files, such as the "/etc/passwd" file, which contains user account information.

The module then applies matching conditions to the response received from the target system. In this case, it uses two matchers:

    - A regex matcher that looks for the presence of the string "toor:[x*]:0:0" in the response. This string represents a specific entry in the "/etc/passwd" file, indicating a potential successful inclusion of the file. - A status matcher that checks if the HTTP response status code is 200, indicating a successful request.

If both matchers evaluate to true, the module reports a vulnerability, indicating that the Blue Ocean Excellence software is vulnerable to local file inclusion.

For more information, you can refer to the reference provided.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/download.php?file=....
Matching conditions
regex: toor:[x*]:0:0and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability