Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Kingsoft 8 - Local File Inclusion" module is designed to detect a vulnerability in the Kingsoft 8 software. This vulnerability is classified as CWE-22 and has a severity level of high, with a CVSS score of 7.5. The module aims to identify instances where the software is susceptible to local file inclusion attacks.
Kingsoft 8 is a specific version of the Kingsoft software, and this module focuses on detecting vulnerabilities in this particular version.
A successful local file inclusion attack on Kingsoft 8 can have serious consequences. It allows an attacker to include and execute arbitrary files from the local file system, potentially leading to unauthorized access, data leakage, or even remote code execution.
The "Kingsoft 8 - Local File Inclusion" module works by sending a specific HTTP request to the target system. The request path used for detection is "/htmltopdf/downfile.php?filename=/windows/win.ini".
The module then applies several matching conditions to determine if the vulnerability is present:
- The response body must contain the words "for 16-bit app support" and "[extensions]". - The response header must include the word "application/zip". - The HTTP status code must be 200.If all of these conditions are met, the module reports a vulnerability, indicating that the Kingsoft 8 software is susceptible to local file inclusion.
It's important to note that this module is just one test case within the Vidoc platform, which utilizes multiple modules to perform scanning and detection of various misconfigurations, vulnerabilities, and software fingerprints.
Author: ritikchaddha
Reference: https://github.com/PeiQi0/PeiQi-WIKI-POC/blob/b6f8fbfef46ad1c3f8d5715dd19b00ca875341c2/_book/Pe