Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

EWEBS - Local File Inclusion

By kannthu

High
Vidoc logoVidoc Module
#ewebs#lfi
Description

What is "EWEBS - Local File Inclusion?"

The "EWEBS - Local File Inclusion" module is designed to detect a vulnerability in the EWEBS software. This vulnerability allows remote attackers to disclose the content of locally stored files through the 'Language_S' parameter supplied to the 'casmain.xgi' endpoint. The severity of this vulnerability is classified as high, with a CVSS score of 7.5.

This module was authored by pikpikcu.

Impact

A successful exploitation of the local file inclusion vulnerability in EWEBS can lead to the unauthorized disclosure of sensitive information stored on the server. This can include configuration files, user credentials, and other confidential data. Attackers can leverage this information to further compromise the system or launch targeted attacks.

How does the module work?

The "EWEBS - Local File Inclusion" module works by sending a POST request to the '/casmain.xgi' endpoint with specific headers and parameters. It then applies matching conditions to determine if the vulnerability is present.

An example of the HTTP request sent by the module:

POST /casmain.xgi HTTP/1.1
Host: [target_host]
Content-Type: application/x-www-form-urlencoded

[Request Body]

The module applies the following matching conditions:

- The response body must contain the words "[Edition]" and "[LocalInfo]". - The response status code must be 200.

If both conditions are met, the module reports the vulnerability.

Module preview

Concurrent Requests (1)
1. HTTP Request template
POST/casmain.xgi
Headers

Content-Type: application/x-www-fo...

Matching conditions
word: [Edition], [LocalInfo]and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability