Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Generic Linux - Local File Inclusion

By kannthu

High
Vidoc logoVidoc Module
#linux#lfi#generic
Description

What is "Generic Linux - Local File Inclusion?"

The "Generic Linux - Local File Inclusion" module is designed to detect local file inclusion vulnerabilities on Linux systems. It targets the Generic Linux software and has a high severity level. The module was originally authored by geeknik, unstabl3, pentest_swissky, sushantkamble, 0xSmiley, and DhiyaneshDK.

Impact

A local file inclusion vulnerability allows an attacker to include arbitrary files from the target system. In the case of this module, it specifically searches for the inclusion of the "/etc/passwd" file. This file contains sensitive information, such as user account details, and its exposure can lead to further exploitation of the system.

How the module works?

The "Generic Linux - Local File Inclusion" module works by sending HTTP requests to the target system and checking for specific matching conditions. It uses various paths and encoding techniques to attempt to include the "/etc/passwd" file. If the response body contains the string "root:.*:0:0:", it indicates a successful match, indicating the presence of a local file inclusion vulnerability.

Here is an example of an HTTP request used by the module:

GET /etc/passwd

The module uses regular expression matching to check if the response body contains the string "root:.*:0:0:". This condition ensures that the module accurately detects the presence of the vulnerability.

It is important to note that this module is designed for technical users and aims to provide accurate information about the presence of local file inclusion vulnerabilities on Generic Linux systems.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/etc/passwd/..%5cetc/passwd/..%5c..%5cetc/passw...(+29 paths)
Matching conditions
regex: root:.*:0:0:
Passive global matcher
No matching conditions.
On match action
Report vulnerability