Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

EyeLock nano NXT 3.5 - Arbitrary File Retrieval

By kannthu

Vidoc logoVidoc Module

What is the "EyeLock nano NXT 3.5 - Arbitrary File Retrieval?" module?

The "EyeLock nano NXT 3.5 - Arbitrary File Retrieval" module is designed to detect a file retrieval vulnerability in the EyeLock nano NXT software. This vulnerability occurs when the input passed through the 'path' parameter to the 'logdownload.php' script is not properly verified before being used to read files. The severity of this vulnerability is classified as high.

This module was authored by geeknik.


If exploited, this vulnerability allows an attacker to disclose the contents of files from local resources. By manipulating the 'path' parameter, an attacker can retrieve sensitive information, such as the contents of the '/etc/passwd' file.

How does the module work?

The module sends an HTTP GET request to the '/scripts/logdownload.php' endpoint with the following parameters:


The module then applies two matching conditions to determine if the vulnerability is present:

- The response status code must be 200. - The response body must contain the string "root:[x*]:0:0:" using a regular expression match.

If both conditions are met, the module reports the vulnerability.

For more information, refer to the original module documentation.

Module preview

Concurrent Requests (1)
1. HTTP Request template
Matching conditions
status: 200and
regex: root:[x*]:0:0:
Passive global matcher
No matching conditions.
On match action
Report vulnerability