By kannthu
The "openSIS 5.1 - Local File Inclusion" module is designed to detect a local file inclusion vulnerability in the openSIS 5.1 software. An attacker who exploits it can potentially gain access to sensitive information. The severity of this vulnerability is classified as high.
This module was authored by pikpikcu.
If successfully exploited, the openSIS 5.1 local file inclusion vulnerability can allow attackers to execute arbitrary local scripts in the context of the application. This can lead to unauthorized access to sensitive information and potentially compromise the security of the system.
The "openSIS 5.1 - Local File Inclusion" module works by sending HTTP requests to the target application. It specifically targets the "/opensis/ajax.php" and "/ajax.php" paths, attempting to exploit the vulnerability by including arbitrary files from the system.
An example of an HTTP request sent by the module:
GET /opensis/ajax.php?modname=misc/../../../../../../../../../../../../../etc/passwd&bypass=Transcripts.php
The module uses two matching conditions to determine whether the vulnerability is present. It checks the response body for the pattern "root:[x*]:0:0", which indicates that the "/etc/passwd" file was included, and it verifies that the HTTP response status is 200.
If both matching conditions are met, the module reports the vulnerability.
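On the server side, the probe described above leaves a recognizable trace in the web access log: a request to one of the two ajax.php paths whose "modname" parameter contains parent-directory segments. The Python sketch below is an added example, not part of the module or of openSIS. It assumes Combined Log Format, and the function names and the log lines are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Paths the module probes, as listed on this page.
PROBED_PATHS = ("/opensis/ajax.php", "/ajax.php")
# Request target and status from a Combined Log Format line (assumed format).
LOG_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')


def normalize(value, rounds=3):
    """Undo nested percent-encoding and backslash separators."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")


def has_traversal(modname):
    """True if any path segment of modname is '..' after normalization."""
    return ".." in normalize(modname).split("/")


def scan(lines):
    """Return (line_number, status, decoded modname) per suspicious request."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = LOG_RE.search(line)
        url = urlsplit(match["target"]) if match else None
        if url is None or not url.path.lower().endswith(PROBED_PATHS):
            continue
        # parse_qs decodes once; normalize() handles double encoding.
        for modname in parse_qs(url.query).get("modname", []):
            if has_traversal(modname):
                hits.append((number, int(match["status"]), normalize(modname)))
    return hits


# Constructed sample lines (documentation address range), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /opensis/ajax.php?modname=misc/../../../../etc/passwd&bypass=Transcripts.php HTTP/1.1" 200 1834 "-" "-"',
    '192.0.2.10 - - [01/Jan/2024:10:00:01 +0000] "GET /ajax.php?modname=misc%2F..%2F..%2Fetc%2Fpasswd&bypass=Transcripts.php HTTP/1.1" 404 312 "-" "-"',
    '192.0.2.44 - - [01/Jan/2024:10:02:10 +0000] "GET /opensis/ajax.php?modname=students/Student.php HTTP/1.1" 200 5120 "-" "-"',
    '192.0.2.10 - - [01/Jan/2024:10:03:00 +0000] "GET /ajax.php?modname=misc%252F..%252F..%252Fetc%252Fpasswd HTTP/1.1" 200 1834 "-" "-"',
]

if __name__ == "__main__":
    print(*scan(SAMPLE_LOG), sep="\n")
```

Hits that returned status 200 are the ones to triage first, since that is the status the module itself requires before reporting.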