Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

WebUI 1.5b6 - Remote Code Execution

By kannthu

Critical
Vidoc logoVidoc Module
#webui#rce#edb
Description

WebUI 1.5b6 - Remote Code Execution

What is "WebUI 1.5b6 - Remote Code Execution?"

The "WebUI 1.5b6 - Remote Code Execution" module is designed to detect a vulnerability in the WebUI 1.5b6 software. This vulnerability allows remote attackers to execute arbitrary code through the "mainfile.php" endpoint by exploiting the "Logon" parameter. The severity of this vulnerability is classified as critical, with a CVSS score of 10.

This module was authored by pikpikcu.

Impact

If successfully exploited, this vulnerability can lead to remote code execution on the target system. Attackers can execute arbitrary code, potentially gaining unauthorized access, manipulating data, or causing further damage to the system.

How does the module work?

The module sends an HTTP GET request to the "/mainfile.php" endpoint with specific parameters. It then checks the response for two matching conditions:

    - The response body must contain the MD5 hash "c5b3d7397a90f42d222f7ed9408c0dc6". - The response status code must be 200 (OK).

If both conditions are met, the module reports a vulnerability.

Example HTTP request:

GET /mainfile.php?username=test&password=testpoc&_login=1&Logon=%27%3Becho%20md5(TestPoc)%3B%27

This module is part of the Vidoc platform, which utilizes multiple modules to perform scanning and testing for various misconfigurations, vulnerabilities, and software fingerprints.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/mainfile.php?userna...
Matching conditions
word: c5b3d7397a90f42d222f7ed9408c0dc6and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability