Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "IBM InfoPrint 4247-Z03 Impact Matrix Printer - Local File Inclusion" module is designed to detect a vulnerability in the IBM InfoPrint 4247-Z03 Impact Matrix Printer. This vulnerability allows an attacker to include local files on the target system. The severity of this vulnerability is classified as high.
This module was authored by harshbothra_.
If successfully exploited, this vulnerability could allow an attacker to access sensitive files on the target system. This could potentially lead to unauthorized access, data leakage, or further compromise of the system.
The module sends an HTTP GET request to the target system with a specific path parameter. It attempts to include the "/etc/passwd" file by traversing the file system using relative path traversal techniques.
The module then applies matching conditions to the response received from the target system. It checks if the response has a status code of 200 and if the body of the response contains the string "root:.*:0:0:". If both conditions are met, the module reports a vulnerability.
Example HTTP request:
GET /./../../../../../../../../../../etc/passwd HTTP/1.1
Host: [target_host]
The matching conditions:
- Status code: 200 - Body regex: "root:.*:0:0:"If the target system responds with a status code of 200 and the body contains the string "root:.*:0:0:", it indicates that the local file inclusion vulnerability exists.
For more information, you can refer to the exploit-db.com reference.