Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

OpenBMCS 2.4 - Server-Side Request Forgery / Remote File Inclusion

By kannthu

Medium
Vidoc logoVidoc Module
#ssrf#oast#openbmcs#edb
Description

What is "OpenBMCS 2.4 - Server-Side Request Forgery / Remote File Inclusion?"

The "OpenBMCS 2.4 - Server-Side Request Forgery / Remote File Inclusion" module is designed to detect vulnerabilities in the OpenBMCS 2.4 software. This module specifically targets server-side request forgery (SSRF) and remote file inclusion (RFI) vulnerabilities within the OpenBMCS 2.4 application.

These vulnerabilities can allow an attacker to manipulate server-side requests and include remote files, potentially leading to unauthorized access, data leakage, or other security breaches. The severity of these vulnerabilities is classified as medium, with a CVSS score of 6.8.

This module was authored by dhiyaneshDK.

Impact

If successfully exploited, the SSRF and RFI vulnerabilities in OpenBMCS 2.4 can have various impacts, including:

- Unauthorized access to sensitive information - Data leakage or exposure - Potential compromise of the server or application - Execution of arbitrary code

How the module works?

The "OpenBMCS 2.4 - Server-Side Request Forgery / Remote File Inclusion" module works by sending a specific HTTP request to the target server and then analyzing the response. The module uses matching conditions to determine if the target server is vulnerable to SSRF and RFI.

One example of an HTTP request used by this module is:

POST /php/query.php HTTP/1.1
Host: <Hostname>
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

ip=<InteractionURL>:80&argu=/

The module then applies matching conditions to the response, including checking for the presence of the "interactsh_protocol" word and a status code of 302. If these conditions are met, the module reports a vulnerability.

By using this module, security professionals can identify and address SSRF and RFI vulnerabilities in OpenBMCS 2.4, helping to protect against potential attacks and maintain the security of their systems.

Module preview

Concurrent Requests (1)
1. HTTP Request template
Raw request
Matching conditions
word: httpand
status: 302
Passive global matcher
No matching conditions.
On match action
Report vulnerability