HUAWEI HG659 - Local File Inclusion

What is "HUAWEI HG659 - Local File Inclusion?"

The "HUAWEI HG659 - Local File Inclusion" module is designed to detect a vulnerability in the HUAWEI HG659 software. This vulnerability is classified as high severity and can potentially lead to unauthorized access to sensitive files on the system. The module was authored by pikpikcu.

Impact

If exploited, the local file inclusion vulnerability in HUAWEI HG659 can allow an attacker to access files that should not be publicly accessible. This can lead to the exposure of sensitive information or the execution of arbitrary code, depending on the specific files accessed.

How the module works?

The module works by sending an HTTP GET request to the target system with a specific path parameter. The path parameter is crafted to exploit the local file inclusion vulnerability by traversing directories and attempting to access sensitive files, such as the "/etc/passwd" file.

The module then applies matching conditions to determine if the vulnerability is present. In this case, it checks if the response contains the string "root:.*:0:0:" (indicating the presence of a root user entry in the "/etc/passwd" file) and if the response status is 200 (indicating a successful request).

By detecting these conditions, the module can determine if the HUAWEI HG659 software is vulnerable to local file inclusion.

Reference:

- https://twitter.com/sec715/status/1406782172443287559

Metadata:

max-request: 1