Hrsale 2.0.0 - Local File Inclusion

By kannthu

Severity: High
Vidoc Module
#hrsale #lfi #edb
Description

What is "Hrsale 2.0.0 - Local File Inclusion"?

The "Hrsale 2.0.0 - Local File Inclusion" module detects a local file inclusion (LFI) vulnerability in the Hrsale 2.0.0 software. The vulnerability lets an attacker download any readable file from the server without permission or a login session. Its severity is classified as high.

This module was authored by 0x_Akoko.

Impact

The impact of the "Hrsale 2.0.0 - Local File Inclusion" vulnerability is significant. By exploiting this vulnerability, an attacker can gain unauthorized access to sensitive files on the server. This can lead to the exposure of confidential information, such as user credentials, configuration files, or other sensitive data.

How does the module work?

The "Hrsale 2.0.0 - Local File Inclusion" module works by sending a specific HTTP request to the target server. The request includes a filename parameter whose value uses directory traversal sequences to reach files outside of the intended directory.

For example, the module may send a request like:

GET /download?type=files&filename=../../../../../../../../etc/passwd

The module then applies matching conditions to determine if the vulnerability is present. In this case, the matching conditions include:

- A regular expression match that looks for the presence of the string "root:[x*]:0:0" in the response.
- A status code match that checks if the response has a status code of 200.

If both matching conditions are met, the module reports the vulnerability.
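
The same request pattern can be hunted for on the defender's side in web server access logs. The Python sketch below is an added example, not part of the Vidoc module or the original page: it flags requests to /download whose filename parameter resolves to a traversal path after percent-decoding, and records whether the server answered 200 (the module's status condition). The log lines, the combined log format, the example.conf file name and the function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed access-log lines (combined log format), not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /download?type=files&filename=report.pdf HTTP/1.1" 200 48211
203.0.113.9 - - [01/Jan/2024:10:00:05 +0000] "GET /download?type=files&filename=../../../../../../../../etc/passwd HTTP/1.1" 200 1843
203.0.113.9 - - [01/Jan/2024:10:00:06 +0000] "GET /download?type=files&filename=%2e%2e%2f%2e%2e%2fetc%2fpasswd HTTP/1.1" 404 162
203.0.113.9 - - [01/Jan/2024:10:00:07 +0000] "GET /download?type=files&filename=..%252f..%252fexample.conf HTTP/1.1" 200 912
198.51.100.4 - - [01/Jan/2024:10:00:09 +0000] "GET /index.php?filename=../x HTTP/1.1" 200 10
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
TRAVERSAL_RE = re.compile(r'(^|[\\/])\.\.([\\/]|$)')  # a ".." path segment

def fully_decode(value, rounds=3):
    """Percent-decode repeatedly so multiply-encoded separators are normalised."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def find_traversal(log_text):
    """Return (client, decoded filename, status, served) per suspicious /download hit."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        client, _method, target, status = m.groups()
        url = urlsplit(target)
        if url.path != "/download":  # endpoint taken from the request on this page
            continue
        for raw in parse_qs(url.query).get("filename", []):
            name = fully_decode(raw)  # parse_qs has already decoded once
            if TRAVERSAL_RE.search(name) or name.startswith(("/", "\\")):
                hits.append((client, name, int(status), status == "200"))
    return hits

if __name__ == "__main__":
    for hit in find_traversal(SAMPLE_LOG):
        print(hit)
```

Hits with served set to True deserve priority in triage, since a 200 response to a traversal path suggests file contents were returned.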

This module is part of the Vidoc platform, which uses multiple modules to scan and test for various vulnerabilities, misconfigurations, and software fingerprints.

Module preview

Concurrent Requests (1)

1. HTTP Request template
   GET /download?type=files...

   Matching conditions
   - regex: root:[x*]:0:0
   and
   - status: 200

Passive global matcher
No matching conditions.

On match action
Report vulnerability