Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

GoIP-1 GSM - Local File Inclusion

By kannthu

High
Vidoc logoVidoc Module
#gsm#goip#lfi#iot
Description

What is "GoIP-1 GSM - Local File Inclusion?"

The "GoIP-1 GSM - Local File Inclusion" module is designed to detect a vulnerability in the GoIP-1 GSM software. This vulnerability allows an attacker to include local files by manipulating the 'content' or 'sidebar' GET parameters in the 'frame.html' or 'frame.A100.html' pages. The severity of this vulnerability is classified as high.

This module was authored by gy741.

Impact

If successfully exploited, this vulnerability can allow an attacker to access sensitive files on the target system. In this case, the module specifically checks for the presence of the 'root' user in the '/etc/passwd' file, indicating potential unauthorized access to privileged information.

How does the module work?

The module sends HTTP requests to the target system, attempting to include the '/etc/passwd' file by manipulating the 'content' and 'sidebar' parameters in the 'frame.html' and 'frame.A100.html' pages. The module then uses a regular expression matcher to check if the 'root' user is present in the response. If a match is found, the module reports a vulnerability.

Here is an example of an HTTP request sent by the module:

GET /default/en_US/frame.html?content=..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd

The module's matching condition checks for the presence of the 'root' user in the response, specifically looking for the pattern "root:.*:0:0:". If this pattern is found, the module identifies the vulnerability.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/default/en_US/frame.../default/en_US/frame...
Matching conditions
regex: root:.*:0:0:
Passive global matcher
No matching conditions.
On match action
Report vulnerability