Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Generic Linux - Local File Inclusion" module is designed to detect local file inclusion vulnerabilities on Linux systems. It targets the Generic Linux software and has a high severity level. The module was originally authored by geeknik, unstabl3, pentest_swissky, sushantkamble, 0xSmiley, and DhiyaneshDK.
A local file inclusion vulnerability allows an attacker to include arbitrary files from the target system. In the case of this module, it specifically searches for the inclusion of the "/etc/passwd" file. This file contains sensitive information, such as user account details, and its exposure can lead to further exploitation of the system.
The "Generic Linux - Local File Inclusion" module works by sending HTTP requests to the target system and checking for specific matching conditions. It uses various paths and encoding techniques to attempt to include the "/etc/passwd" file. If the response body contains the string "root:.*:0:0:", it indicates a successful match, indicating the presence of a local file inclusion vulnerability.
Here is an example of an HTTP request used by the module:
GET /etc/passwd
The module uses regular expression matching to check if the response body contains the string "root:.*:0:0:". This condition ensures that the module accurately detects the presence of the vulnerability.
It is important to note that this module is designed for technical users and aims to provide accurate information about the presence of local file inclusion vulnerabilities on Generic Linux systems.