Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Hrsale 2.0.0 - Local File Inclusion" module is designed to detect a vulnerability in the Hrsale 2.0.0 software. This vulnerability allows an attacker to exploit a local file inclusion (LFI) vulnerability, which enables them to download any readable file from the server without permission or a login session. The severity of this vulnerability is classified as high.
This module was authored by 0x_Akoko.
The impact of the "Hrsale 2.0.0 - Local File Inclusion" vulnerability is significant. By exploiting this vulnerability, an attacker can gain unauthorized access to sensitive files on the server. This can lead to the exposure of confidential information, such as user credentials, configuration files, or other sensitive data.
The "Hrsale 2.0.0 - Local File Inclusion" module works by sending a specific HTTP request to the target server. The request includes a path parameter that exploits the LFI vulnerability by traversing the file system and accessing files outside of the intended directory.
For example, the module may send a request like:
GET /download?type=files&filename=../../../../../../../../etc/passwd
The module then applies matching conditions to determine if the vulnerability is present. In this case, the matching conditions include:
- A regular expression match that looks for the presence of the string "root:[x*]:0:0" in the response. - A status code match that checks if the response has a status code of 200.If both matching conditions are met, the module reports the vulnerability.
It is important to note that this module is part of the Vidoc platform, which utilizes multiple modules to perform scanning and testing for various vulnerabilities, misconfigurations, and software fingerprints.