NatShell - Local File Inclusion

By kannthu

High
Vidoc Module
#natshell #lfi
Description

What is "NatShell - Local File Inclusion"?

The "NatShell - Local File Inclusion" module is designed to detect a vulnerability known as local file inclusion (LFI) in the NatShell software. LFI is a type of security misconfiguration that allows an attacker to include and execute files from the local file system of the server. This vulnerability can be exploited to gain unauthorized access to sensitive files and potentially compromise the system.

This module has a severity level of high, indicating that the vulnerability it detects poses a significant risk to the security of the NatShell software.

The original author of this module is pikpikcu.

Impact

If the NatShell software is vulnerable to local file inclusion, an attacker could potentially access and retrieve sensitive information stored on the server. This could include passwords, configuration files, or other confidential data. Additionally, an attacker may be able to execute arbitrary code, leading to further compromise of the system.

How does the module work?

The "NatShell - Local File Inclusion" module works by sending a specific HTTP request to the target server. The request is designed to exploit the vulnerability and retrieve sensitive files from the server's file system.

For example, the module may send a GET request to the "/download.php?file=../../../../../etc/passwd" endpoint. This request attempts to access the "/etc/passwd" file, which contains user account information on Unix-like systems.

The module includes matching conditions to determine if the vulnerability is present. In this case, it checks if the response matches the regular expression "toor:[x*]:0:0" (indicating the presence of the "toor" user account) and if the response status is 200 (indicating a successful request).

If both conditions are met, the module reports the vulnerability, indicating that the NatShell software is susceptible to local file inclusion.
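For defenders, the same request shape can be searched for in web server access logs. The following is an added example, not part of the Vidoc module or of NatShell: it assumes combined-format access logs, uses constructed sample lines, and the function names are hypothetical. It flags "/download.php" requests whose "file" parameter decodes to a traversal or absolute path, and marks 200 responses as higher priority, since status 200 is one of the module's two matching conditions (the body regex cannot be checked from an access log).

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample lines in combined log format (not real traffic).
SAMPLE_LOG = """\
198.51.100.7 - - [12/Mar/2024:10:01:02 +0000] "GET /download.php?file=../../../../../etc/passwd HTTP/1.1" 200 1843 "-" "scanner"
198.51.100.7 - - [12/Mar/2024:10:01:05 +0000] "GET /download.php?file=%2e%2e%2f%2e%2e%2fetc%2fpasswd HTTP/1.1" 404 162 "-" "scanner"
203.0.113.20 - - [12/Mar/2024:10:02:11 +0000] "GET /download.php?file=report-2024.pdf HTTP/1.1" 200 52211 "-" "Mozilla/5.0"
203.0.113.21 - - [12/Mar/2024:10:03:40 +0000] "GET /download.php?file=%252e%252e%252fetc%252fpasswd HTTP/1.1" 200 1843 "-" "curl/8.0"
203.0.113.22 - - [12/Mar/2024:10:04:00 +0000] "GET /index.php?file=../x HTTP/1.1" 200 10 "-" "Mozilla/5.0"
"""

# Client IP, request target and status code from a combined-format line.
LINE_RE = re.compile(r'^(\S+) .*?"[A-Z]+ (\S+) HTTP/[\d.]+" (\d{3}) ')

def decode_fully(value, rounds=3):
    """Undo nested percent-encoding and normalise backslashes to slashes."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")

def is_traversal(path):
    """True for absolute paths or any '..' path segment."""
    return path.startswith("/") or ".." in path.split("/")

def find_traversal_hits(log_text):
    """Return (ip, status, decoded_file, priority) for suspicious requests."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, target, status = m.group(1), m.group(2), int(m.group(3))
        url = urlsplit(target)
        if not url.path.endswith("/download.php"):
            continue
        for raw in parse_qs(url.query).get("file", []):
            name = decode_fully(raw)
            if is_traversal(name):
                # A 200 means the server answered the request; review first.
                hits.append((ip, status, name, "high" if status == 200 else "low"))
    return hits

if __name__ == "__main__":
    for hit in find_traversal_hits(SAMPLE_LOG):
        print(hit)
```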

Classification

CWE-ID: CWE-22

CVSS-Metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS-Score: 7.5

Reference

- https://mp.weixin.qq.com/s/g4YNI6UBqIQcKL0TRkKWlw

Metadata

max-request: 1

fofa-query: title="蓝"

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /download.php?file=....
Matching conditions
regex: toor:[x*]:0:0
and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability