By kannthu
The "Global Domains International - Local File Inclusion" module is designed to detect a vulnerability in the Global Domains International software. This vulnerability is classified as a high severity issue and can potentially lead to unauthorized access to sensitive files on the target system. The module was authored by 0x_Akoko.
If successfully exploited, the local file inclusion vulnerability in Global Domains International allows an attacker to retrieve files from the target system, including configuration files and files containing user credentials or other sensitive data.
The module sends a specific HTTP request to the target system, attempting to exploit the local file inclusion vulnerability. The request path used in the module is:
/kvmlm2/index.dhtml?fname=&language=../../../../../../../../../../etc/passwd%00.jpg&lname=&sponsor=gdi&template=11
The module then applies two matching conditions to determine if the vulnerability is present:
- Matcher 1: The response body is checked using a regular expression to search for the presence of the string "root:[x*]:0:0".
- Matcher 2: The response status code is checked to ensure it is 200 (OK).

If both matching conditions are met, the module reports the vulnerability.
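For defenders, the same request shape and matcher logic can be turned into a log check. The following is an added example, not part of the module or of Vidoc's code: it flags access-log lines that hit this endpoint with a traversal or null byte in the language parameter, and reproduces the two-matcher decision. The Common Log Format layout, the function names and the sample log lines are assumptions made for the example.

```python
import re
from urllib.parse import urlsplit, parse_qsl

TARGET_PATH, TARGET_PARAM = "/kvmlm2/index.dhtml", "language"  # from the request path above
PASSWD_RE = re.compile(r"root:[x*]:0:0")  # Matcher 1, as quoted above
# Request and status fields of a Common Log Format line (assumed log format).
LOG_RE = re.compile(r'"[A-Z]+ (?P<uri>\S+) [^"]*" (?P<status>\d{3})')


def classify_request(uri):
    """Return why a request URI resembles this module's probe ([] if it does not)."""
    parts = urlsplit(uri)
    if parts.path != TARGET_PATH:
        return []
    reasons = []
    # parse_qsl percent-decodes each value, so %00 becomes a real NUL character.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name != TARGET_PARAM:
            continue
        if "../" in value or "..\\" in value:
            reasons.append("traversal")
        if "\x00" in value:
            reasons.append("null-byte")
    return reasons


def scan_log(lines):
    """Return (line_no, status, reasons) for every access-log line that matches."""
    hits = []
    for line_no, line in enumerate(lines, 1):
        m = LOG_RE.search(line)
        if m and (reasons := classify_request(m.group("uri"))):
            hits.append((line_no, int(m.group("status")), reasons))
    return hits


def module_would_report(status, body):
    """Both matchers must hold: status 200 AND the passwd pattern in the body."""
    return status == 200 and PASSWD_RE.search(body) is not None


# Constructed sample log lines (documentation IP ranges, invented timestamps).
_PROBE = ("/kvmlm2/index.dhtml?fname=&language=../../../../../../../../../../"
          "etc/passwd%00.jpg&lname=&sponsor=gdi&template=11")
SAMPLE_LOG = [
    f'198.51.100.7 - - [01/Jan/2024:10:00:00 +0000] "GET {_PROBE} HTTP/1.1" 200 1432',
    f'198.51.100.7 - - [01/Jan/2024:10:00:02 +0000] "GET {_PROBE} HTTP/1.1" 404 210',
    '203.0.113.9 - - [01/Jan/2024:10:01:00 +0000] "GET /kvmlm2/index.dhtml?fname=a&language=en&template=11 HTTP/1.1" 200 5120',
]
```

A flagged request answered with status 200 deserves triage first, since 200 is one of the two conditions the module needs before it reports; the 404 line shows the same probe against a host that did not serve the file.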
Reference:
- https://cxsecurity.com/issue/WLB-2018020247
- http://www.nic.ws

Metadata: