Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

SquirrelMail 1.2.11 - Local File Inclusion

By kannthu

High
Vidoc logoVidoc Module
#lfi#squirrelmail#edb
Description

What is "SquirrelMail 1.2.11 - Local File Inclusion?"

The "SquirrelMail 1.2.11 - Local File Inclusion" module is designed to detect a vulnerability in SquirrelMail version 1.2.11. SquirrelMail is an open-source web-based email client that allows users to access their email accounts remotely. This module specifically targets the Local File Inclusion (LFI) vulnerability in SquirrelMail.

The severity of this vulnerability is classified as high, indicating that it poses a significant risk to the security of the system.

This module was authored by dhiyaneshDk.

Impact

The Local File Inclusion vulnerability in SquirrelMail 1.2.11 can allow an attacker to include arbitrary files from the server's file system. This can lead to unauthorized access to sensitive information, such as configuration files or user credentials. Exploiting this vulnerability can potentially compromise the confidentiality and integrity of the system.

How the module works?

The "SquirrelMail 1.2.11 - Local File Inclusion" module works by sending specific HTTP requests to the target server. It checks if the server responds with a status code of 200 and if the response contains the string "root:[x*]:0:0" using regular expression matching.

An example of an HTTP request sent by this module is:

GET /src/read_body.php?mailbox=/etc/passwd&passed_id=1& HTTP/1.1
Host: [target_host]

If the conditions for a successful match are met, the module reports the vulnerability.

It is important to note that this module is designed for detection purposes only and does not perform any active exploitation or modification of the target system.

For more information about this vulnerability, you can refer to the Exploit Database.

Metadata: max-request: 2

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/src/read_body.php?m.../src/download.php?ab...
Matching conditions
regex: root:[x*]:0:0and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability