Nginx Server - Local File Inclusion

By kannthu

Severity: High
Vidoc Module
#exposure #config #lfi #nginx
Description

What is "Nginx Server - Local File Inclusion"?

The "Nginx Server - Local File Inclusion" module detects a vulnerability in Nginx server that allows local file inclusion. This vulnerability can lead to unauthorized access to sensitive files on the server. The module focuses on identifying misconfigurations or vulnerabilities in Nginx server instances. It is rated high severity, reflecting the potential impact on the security of the server.

Impact

Successful exploitation of the local file inclusion vulnerability in Nginx server can result in unauthorized access to sensitive files. This can expose confidential information, such as user credentials, configuration files, or other sensitive data stored on the server. Attackers can leverage this vulnerability to gain deeper access to the system and potentially execute arbitrary code or perform further malicious activities.

How does the module work?

The "Nginx Server - Local File Inclusion" module works by sending specific HTTP requests to the target server and analyzing the responses. It checks for the presence of certain patterns in the response body and verifies the HTTP status code to determine if the vulnerability is present. The module uses a set of predefined requests with different paths to test for the vulnerability.

For example, one of the requests used by the module is:

GET /static///////../../../../etc/passwd

This request attempts to access the "/etc/passwd" file by manipulating the path. If the response contains the "root:.*:0:0:" pattern and the HTTP status code is 200, it indicates a potential local file inclusion vulnerability.

The module also checks for other conditions, such as the presence of the "app.listen" pattern in the response body, to increase the accuracy of the detection.

It is important to regularly scan and patch Nginx server instances to mitigate the risk of local file inclusion vulnerabilities and ensure the security of sensitive data.
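To check whether requests like the one above have already reached a server, the following added example (not part of the Vidoc module or the original page) scans nginx access log lines for traversal-style paths and separates those answered with status 200 from those rejected. It assumes the default "combined" log format; the function name `triage` and the sample log lines are constructed for illustration, and the check generalizes to any `../` path segment rather than only the module's paths.

```python
import re
from urllib.parse import unquote

# Assumption: nginx default "combined" access log format.
LOG_RE = re.compile(
    r'^(?P<addr>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) '
)
# A path segment that is exactly "..", checked after percent-decoding.
TRAVERSAL = re.compile(r'(?:^|/)\.\.(?:/|$)')

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = '''\
203.0.113.7 - - [12/Mar/2024:10:01:02 +0000] "GET /static///////../../../../etc/passwd HTTP/1.1" 200 1843 "-" "scanner"
203.0.113.7 - - [12/Mar/2024:10:01:03 +0000] "GET /static/%2e%2e/%2e%2e/app.js HTTP/1.1" 404 153 "-" "scanner"
198.51.100.4 - - [12/Mar/2024:10:02:00 +0000] "GET /static/css/site.css HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.4 - - [12/Mar/2024:10:02:05 +0000] "GET /docs/v1..2/notes.txt HTTP/1.1" 200 900 "-" "Mozilla/5.0"
'''


def triage(log_text):
    """Return (client, raw_target, status, verdict) for traversal-style requests."""
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format request line
        # Drop the query string, then decode so %2e%2e is seen as "..".
        path = unquote(m["target"].split("?", 1)[0])
        if not TRAVERSAL.search(path):
            continue  # ordinary request, including names that merely contain ".."
        # The log has no response body, so a 200 is a lead to verify,
        # not proof that a file was disclosed.
        verdict = "returned-200" if m["status"] == "200" else "rejected"
        findings.append((m["addr"], m["target"], int(m["status"]), verdict))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

Entries marked `returned-200` are the ones to verify against the module's body patterns, since the access log records only the status code and response size.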

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET///////../../../etc/.../static///////../../...///../app.js
Matching conditions
regex: root:.*:0:0:, app.listen
and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability