Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Global Domains International - Local File Inclusion

By kannthu

High
Vidoc logoVidoc Module
#globaldomains#lfi#traversal
Description

What is the "Global Domains International - Local File Inclusion?" module?

The "Global Domains International - Local File Inclusion" module is designed to detect a vulnerability in the Global Domains International software. This vulnerability is classified as a high severity issue and can potentially lead to unauthorized access to sensitive files on the target system. The module was authored by 0x_Akoko.

Impact

If successfully exploited, the local file inclusion vulnerability in Global Domains International can allow an attacker to retrieve sensitive files from the target system. This can include files containing sensitive information such as user credentials, configuration files, or other sensitive data.

How does the module work?

The module sends a specific HTTP request to the target system, attempting to exploit the local file inclusion vulnerability. The request path used in the module is:

/kvmlm2/index.dhtml?fname=&language=../../../../../../../../../../etc/passwd%00.jpg&lname=&sponsor=gdi&template=11

The module then applies two matching conditions to determine if the vulnerability is present:

- Matcher 1: The response body is checked using a regular expression to search for the presence of the string "root:[x*]:0:0". - Matcher 2: The response status code is checked to ensure it is 200 (OK).

If both matching conditions are met, the module reports the vulnerability.

Reference:

- https://cxsecurity.com/issue/WLB-2018020247 - http://www.nic.ws

Metadata:

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/kvmlm2/index.dhtml?...
Matching conditions
regex: root:[x*]:0:0and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability