OrbiTeam BSCW Server - Local File Inclusion

What is the "OrbiTeam BSCW Server - Local File Inclusion?"

The "OrbiTeam BSCW Server - Local File Inclusion" module is designed to detect a vulnerability in the OrbiTeam BSCW Server software. This vulnerability allows unauthenticated users to exploit a local file inclusion vulnerability. The severity of this vulnerability is classified as high.

This module was authored by 0x_Akoko.

Impact

If successfully exploited, this vulnerability can allow an attacker to access sensitive files on the server, potentially leading to unauthorized access, data leakage, or further compromise of the system.

How the module works?

The module sends an HTTP GET request to the target server with a specific path parameter. The request attempts to access the "/pub/bscw.cgi/30?op=theme&style_name=../../../../../../../../etc/passwd" path, which is vulnerable to local file inclusion.

The module then applies two matching conditions to determine if the vulnerability is present. First, it checks if the response contains the string "root:[x*]:0:0", indicating the presence of the root user in the "/etc/passwd" file. Second, it verifies that the response status code is 200, indicating a successful request.

If both conditions are met, the module reports the vulnerability.

Note: The above description provides a simplified explanation of the module's functionality. For detailed technical information, please refer to the module's JSON definition.