Kingsoft 8 - Local File Inclusion

By kannthu

High
Vidoc Module
#kingsoft #lfi
Description

What is "Kingsoft 8 - Local File Inclusion"?

The "Kingsoft 8 - Local File Inclusion" module is designed to detect a vulnerability in the Kingsoft 8 software. This vulnerability is classified as CWE-22 and has a severity level of high, with a CVSS score of 7.5. The module aims to identify instances where the software is susceptible to local file inclusion attacks.

Kingsoft 8 is a specific version of the Kingsoft software, and this module focuses on detecting vulnerabilities in this particular version.

Impact

A successful local file inclusion attack on Kingsoft 8 can have serious consequences. It allows an attacker to include and execute arbitrary files from the local file system, potentially leading to unauthorized access, data leakage, or even remote code execution.

How does the module work?

The "Kingsoft 8 - Local File Inclusion" module works by sending a specific HTTP request to the target system. The request path used for detection is "/htmltopdf/downfile.php?filename=/windows/win.ini".

The module then applies several matching conditions to determine if the vulnerability is present:

- The response body must contain the words "for 16-bit app support" and "[extensions]".
- The response header must include the word "application/zip".
- The HTTP status code must be 200.

If all of these conditions are met, the module reports a vulnerability, indicating that the Kingsoft 8 software is susceptible to local file inclusion.

It's important to note that this module is just one test case within the Vidoc platform, which utilizes multiple modules to perform scanning and detection of various misconfigurations, vulnerabilities, and software fingerprints.
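A defender-side companion to the check described above, as an added example that is not part of the Vidoc module or the original page: it scans web server access logs for requests to the module's request path whose filename parameter resolves to an absolute, drive-letter or traversal path, which generalises beyond the single probe the module sends. The Common Log Format layout, the sample lines and the rule that legitimate values are bare file names are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

ENDPOINT = "/htmltopdf/downfile.php"  # request path from the module description
# Assumed Common Log Format: host ident user [time] "METHOD target PROTO" status size
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def normalise(value, max_rounds=3):
    """Undo repeated percent-encoding and unify path separators."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")

def is_suspicious(filename):
    """Assumption: legitimate values are bare file names with no directory part."""
    name = normalise(filename)
    return (name.startswith("/")                          # absolute path
            or re.match(r"^[A-Za-z]:", name) is not None  # drive-letter path
            or ".." in name.split("/"))                   # traversal segment

def scan(lines):
    """Return (client, filename, status) for each suspicious request to ENDPOINT."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a parsable access-log line
        client, _method, target, status = m.groups()
        parts = urlsplit(target)
        if normalise(parts.path).lower() != ENDPOINT:
            continue
        for value in parse_qs(parts.query).get("filename", []):
            if is_suspicious(value):
                hits.append((client, normalise(value), int(status)))
    return hits

# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /htmltopdf/downfile.php?filename=/windows/win.ini HTTP/1.1" 200 92',
    '192.0.2.11 - - [01/Jan/2024:10:00:05 +0000] "GET /htmltopdf/downfile.php?filename=report.pdf HTTP/1.1" 200 48213',
    '192.0.2.12 - - [01/Jan/2024:10:00:09 +0000] "GET /htmltopdf/downfile.php?filename=%252Fwindows%252Fwin.ini HTTP/1.1" 404 0',
    '192.0.2.13 - - [01/Jan/2024:10:00:12 +0000] "GET /index.php?filename=/windows/win.ini HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    print(*scan(SAMPLE_LOG), sep="\n")
```

A hit logged with status 200 deserves priority, since that is the status the module itself requires before reporting.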

Author: ritikchaddha

Reference: https://github.com/PeiQi0/PeiQi-WIKI-POC/blob/b6f8fbfef46ad1c3f8d5715dd19b00ca875341c2/_book/Pe

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /htmltopdf/downfile....
Matching conditions
word: for 16-bit app support, [extensions]
and
word: application/zip
and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability