Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

ProcessMaker <=3.5.4 - Local File Inclusion

By kannthu

High
Vidoc logoVidoc Module
#processmaker#lfi#edb
Description

ProcessMaker <=3.5.4 - Local File Inclusion

ProcessMaker <=3.5.4 - Local File Inclusion is a module that targets the ProcessMaker software. This module is designed to detect the vulnerability of local file inclusion in versions 3.5.4 and prior. The severity of this vulnerability is high.

Impact

The local file inclusion vulnerability in ProcessMaker <=3.5.4 can allow an attacker to include arbitrary files from the server's file system. This can lead to unauthorized access to sensitive information, such as configuration files, user credentials, or other sensitive data stored on the server.

How the module works?

The module sends an HTTP GET request to the target server, attempting to access the /../../../..//etc/passwd file. This file is commonly used to store user account information on Unix-based systems. The module then checks if the response contains the string "root:.*:0:0:" to determine if the file inclusion was successful. Additionally, it verifies that the HTTP response status is 200 to ensure the file is accessible.

This module is part of the Vidoc platform, which uses multiple modules to perform scanning. Each module represents a specific test case, and this module focuses on detecting the local file inclusion vulnerability in ProcessMaker <=3.5.4.

Module preview

Concurrent Requests (1)
1. HTTP Request template
Raw request
Matching conditions
regex: root:.*:0:0:and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability