WordPress Vault 0.8.6.6 - Local File Inclusion

By kannthu

High
Vidoc Module
#lfi #edb #wp-plugin #wordpress
Description

What is "WordPress Vault 0.8.6.6 - Local File Inclusion"?

The "WordPress Vault 0.8.6.6 - Local File Inclusion" module is designed to detect a vulnerability in the WordPress Vault plugin version 0.8.6.6. This vulnerability allows an attacker to include local files from the server, potentially leading to unauthorized access and information disclosure. The severity of this vulnerability is classified as high.

This module was authored by 0x_Akoko.

Impact

If successfully exploited, the local file inclusion vulnerability in WordPress Vault 0.8.6.6 can allow an attacker to access sensitive files on the server. This could include configuration files, user credentials, or other sensitive information. The unauthorized access to these files can lead to further exploitation and compromise of the affected system.

How does the module work?

The module sends a single HTTP GET request to the target WordPress site, attempting to exploit the local file inclusion vulnerability. The request sets the "wpv-image" query parameter to a value that traverses directories to access sensitive files, such as the "/etc/passwd" file.

The module then applies two matching conditions, both of which must hold, to determine if the vulnerability is present. It checks if the response matches the regular expression "root:.*:0:0:" (indicating the presence of the root user entry from the "/etc/passwd" file) and if the response status is 200 (indicating a successful request).

By analyzing the response and matching conditions, the module can determine if the WordPress Vault 0.8.6.6 plugin is vulnerable to local file inclusion.

For more information, you can refer to the exploit-db.com page.

Metadata: max-request: 1

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /?wpv-image=..%2F..%...
Matching conditions
regex: root:.*:0:0: and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability
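
For the defending side, the request template above can be turned into a log check. The following is an added example, not part of the Vidoc module or the original page: it scans web server access logs for "wpv-image" values that contain directory traversal after percent-decoding, including double-encoded input. The combined log format, the function names, and the sample lines (with a placeholder file name) are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Request line and status code as they appear in combined log format (assumed).
LOG_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')
# A ".." path segment, delimited by a slash, backslash, or string boundary.
TRAVERSAL_RE = re.compile(r'(?:^|[\\/])\.\.(?:[\\/]|$)')

def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input (%252F) is normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_wpv_image(line):
    """Return (status, decoded value) when wpv-image traverses directories, else None."""
    m = LOG_RE.search(line)
    if not m:
        return None
    query = urlsplit(m.group("target")).query
    for raw in parse_qs(query, keep_blank_values=True).get("wpv-image", []):
        value = decode_fully(raw)  # parse_qs has already decoded one layer
        if TRAVERSAL_RE.search(value):
            return int(m.group("status")), value
    return None

def scan(lines):
    """Return (line number, status, value, triage) for each flagged line."""
    hits = []
    for number, line in enumerate(lines, start=1):
        found = suspicious_wpv_image(line)
        if found:
            status, value = found
            # The module only reports on status 200, so those are triaged first.
            triage = "review-first" if status == 200 else "attempt"
            hits.append((number, status, value, triage))
    return hits

# Constructed sample log lines (documentation IP ranges, placeholder file name).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET /?wpv-image=..%2F..%2Fexample.txt HTTP/1.1" 200 512',
    '203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /?wpv-image=..%252F..%252Fexample.txt HTTP/1.1" 404 0',
    '198.51.100.4 - - [01/Jan/2024:10:00:02 +0000] "GET /?wpv-image=photo.jpg HTTP/1.1" 200 2048',
    '198.51.100.4 - - [01/Jan/2024:10:00:03 +0000] "GET /wp-login.php HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A flagged request with status 200 does not prove a file was disclosed; it marks the requests whose response bodies are worth checking first.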