Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Digital Rebar - Local File Inclusion" module is designed to detect a vulnerability known as local file inclusion (LFI) in the Digital Rebar software. LFI is a type of security vulnerability that allows an attacker to include files from a server into a web page, potentially exposing sensitive information or executing malicious code.
This module targets Digital Rebar versions 4.3.0, 4.3.2, 4.3.3, 4.4.0, and possibly others. It was authored by c-sh0 and has a severity level of high.
If the Digital Rebar software is vulnerable to LFI, it means that web requests can navigate outside of the controlled areas of Digital Rebar. This can lead to unauthorized access to sensitive files on the server and potential compromise of the system.
The "Digital Rebar - Local File Inclusion" module works by sending HTTP requests to the target server and checking for specific conditions that indicate the presence of the LFI vulnerability. One example of an HTTP request sent by the module is:
GET /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
The module then applies matching conditions to the response of the HTTP request to determine if the vulnerability is present. The matching conditions include:
- Checking if the response body contains the string "root:.*:0:0" using a regular expression matcher. - Checking if the response headers contain the word "X-Drp-Sha256sum:" using a word matcher. - Checking if the HTTP response status is 200 using a status matcher.If all of these matching conditions are met, the module reports the vulnerability.