Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

phpwiki 1.5.4 - Cross-Site Scripting/Local File Inclusion

By kannthu

High
Vidoc logoVidoc Module
#xss#edb#phpwiki#lfi
Description

What is the "phpwiki 1.5.4 - Cross-Site Scripting/Local File Inclusion" module?

The "phpwiki 1.5.4 - Cross-Site Scripting/Local File Inclusion" module is designed to detect vulnerabilities in the phpwiki 1.5.4 software. This module specifically targets cross-site scripting (XSS) and local file inclusion (LFI) vulnerabilities. XSS vulnerabilities allow attackers to inject malicious scripts into web pages viewed by other users, potentially leading to unauthorized access or data theft. LFI vulnerabilities, on the other hand, allow attackers to include and execute files from the local file system, potentially leading to remote code execution or sensitive information disclosure.

This module has a high severity rating, indicating that the detected vulnerabilities can have a significant impact on the security of the phpwiki 1.5.4 software.

Impact

The "phpwiki 1.5.4 - Cross-Site Scripting/Local File Inclusion" module can have the following impacts:

- Cross-Site Scripting (XSS): Attackers can inject malicious scripts into web pages viewed by other users, potentially leading to unauthorized access, data theft, or the execution of arbitrary code. - Local File Inclusion (LFI): Attackers can include and execute files from the local file system, potentially leading to remote code execution or the disclosure of sensitive information.

How the module works?

The "phpwiki 1.5.4 - Cross-Site Scripting/Local File Inclusion" module works by sending HTTP requests to the target system and analyzing the responses based on predefined matching conditions. It specifically targets the "/phpwiki/index.php/passwd" path using a GET request.

The module uses the following matching conditions to identify vulnerabilities:

- Regex Matcher: The module checks if the response contains the string "root:[x*]:0:0" using a regular expression. This helps identify potential LFI vulnerabilities. - Status Matcher: The module checks if the response status is 200, indicating a successful request. This helps confirm the presence of the target path and potential XSS vulnerabilities.

By analyzing the responses and matching conditions, the module can determine if the phpwiki 1.5.4 software is vulnerable to XSS and LFI attacks.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/phpwiki/index.php/p...
Matching conditions
regex: root:[x*]:0:0and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability