Digital Rebar - Local File Inclusion

By kannthu

High
Vidoc Module
#lfi #rackn #digitalrebar
Description

What is the "Digital Rebar - Local File Inclusion" module?

The "Digital Rebar - Local File Inclusion" module is designed to detect a vulnerability known as local file inclusion (LFI) in the Digital Rebar software. LFI is a type of security vulnerability that allows an attacker to include files from a server into a web page, potentially exposing sensitive information or executing malicious code.

This module targets Digital Rebar versions 4.3.0, 4.3.2, 4.3.3, 4.4.0, and possibly others. It was authored by c-sh0 and has a severity level of high.

Impact

If the Digital Rebar software is vulnerable to LFI, web requests can navigate outside of the controlled areas of Digital Rebar. This can lead to unauthorized access to sensitive files on the server and potential compromise of the system.

How does the module work?

The "Digital Rebar - Local File Inclusion" module works by sending HTTP requests to the target server and checking for specific conditions that indicate the presence of the LFI vulnerability. One example of an HTTP request sent by the module is:

GET /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd

The module then applies matching conditions to the response of the HTTP request to determine if the vulnerability is present. The matching conditions include:

- Checking if the response body contains the string "root:.*:0:0" using a regular expression matcher.
- Checking if the response headers contain the word "X-Drp-Sha256sum:" using a word matcher.
- Checking if the HTTP response status is 200 using a status matcher.

If all of these matching conditions are met, the module reports the vulnerability.
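
As an added example (not Vidoc's or the template author's code), the sketch below evaluates the three matchers with AND logic over constructed responses, showing why a single condition alone would misfire. It also goes one step beyond the page with a hypothetical log-side helper, `escapes_root`, that flags percent-encoded traversal paths like the one above. It assumes the word matcher is a plain substring test on the raw header text.

```python
import re
from urllib.parse import unquote

BODY_RE = re.compile(r"root:.*:0:0")   # regex matcher from the page
HEADER_WORD = "X-Drp-Sha256sum:"       # word matcher from the page

def evaluate(status, raw_headers, body):
    """Return each condition's result plus the AND-combined verdict."""
    results = {
        "regex": bool(BODY_RE.search(body)),
        "word": HEADER_WORD in raw_headers,   # assumption: substring test
        "status": status == 200,
    }
    results["match"] = all(results.values())
    return results

def escapes_root(request_path):
    """True if the path, percent-decoded once, climbs above the web root."""
    depth = 0
    for segment in unquote(request_path).split("/"):
        if segment == "..":
            depth -= 1
            if depth < 0:
                return True
        elif segment not in ("", "."):
            depth += 1
    return False

# Constructed sample responses: (status, raw headers, body). Not real captures.
SAMPLES = {
    "file served": (
        200,
        "Content-Type: text/plain\r\nX-Drp-Sha256sum: <placeholder>\r\n",
        "root:x:0:0:root:/root:/bin/bash\n",
    ),
    "page quoting passwd": (
        200,
        "Content-Type: text/html\r\n",
        "<pre>root:x:0:0:root:/root:/bin/bash</pre>",
    ),
    "rejected": (404, "Content-Type: text/plain\r\n", "not found"),
}

if __name__ == "__main__":
    for name, response in SAMPLES.items():
        print(name, evaluate(*response))
    # Constructed request paths as they might appear in an access log.
    for path in ("/%2e%2e/%2e%2e/etc/passwd", "/api/v3/../info"):
        print(path, "escapes root:", escapes_root(path))
```
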

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /%2e%2e/%2e%2e/%2e%2...
Matching conditions
regex: root:.*:0:0 and
word: X-Drp-Sha256sum: and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability