Interlib Local File Inclusion Scanner

Interlib is a software system commonly used in libraries to manage and catalog books, media, and other resources. It is designed for use by library staff for efficient resource management and is also accessible to patrons for searching the catalog. The system supports a variety of functions, including loan processing, inventory management, and user account management. Due to its wide range of functionalities, it is an integral tool in modern libraries aiming to streamline operations and enhance user experience. Interlib is typically utilized by public libraries, educational institutions, and corporate libraries. Its deployment is essential in ensuring that library operations are run smoothly and effectively.

A Local File Inclusion (LFI) vulnerability allows an attacker to trick the web application into exposing or running files on the web server. This is commonly leveraged by attackers to include files that are not intended to be accessible, such as configuration files. In this case, the Interlib software may be vulnerable to LFI attacks, allowing an attacker to read arbitrary files. Exploiting such vulnerabilities can lead to exposure of sensitive data stored within the server. As a result, unauthorized users can gain access to confidential configurations or credentials. The security loophole generally arises due to improperly sanitized input fields that are susceptible to manipulation.

This LFI vulnerability in Interlib potentially allows attackers to include sensitive files through specific HTTP requests. It exploits endpoints such as '/interlib/report/ShowImage' to manipulate the 'localPath' parameter. Attackers may craft requests that navigate to restricted directories and expose files like 'etc/passwd' or 'C:\Windows\system.ini'. The vulnerability is detected using the status code returned in the server response and patterns matching UNIX or Windows-supported artifacts. Successful exploitation of this vulnerability could lead to unauthorized access to server resources and data leakage. It is critical to ensure these parameters are secure to prevent any manipulation that may lead to file inclusion vulnerabilities.

If the Local File Inclusion vulnerability in Interlib is exploited, it could have several detrimental effects. The immediate impact may be unauthorized access to sensitive files, including configuration files containing credentials or keys that can be further exploited for lateral attacks. This access might provide administrative capabilities to malicious actors, allowing them to execute arbitrary commands or scripts. Moreover, it could compromise user privacy by exposing personal data stored in the system. It may lead to data integrity issues, where the attacker alters the data, causing substantial operational disruptions. Ultimately, this vulnerability poses a significant data security risk, potentially leading to data breaches and loss of trust among library users.

REFERENCES

• https://github.com/PeiQi0/PeiQi-WIKI-POC/blob/PeiQi/PeiQi_Wiki/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/%E5%9B%BE%E5%88%9B%E8%BD%AF%E4%BB%B6/%E5%9B%BE%E5%88%9B%E8%BD%AF%E4%BB%B6%20%E5%9B%BE%E4%B9%A6%E9%A6%86%E7%AB%99%E7%BE%A4%E7%AE%A1%E7%90%86%E7%B3%BB%E7%BB%9F%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E6%BC%8F%E6%B4%9E.md
• https://forum.butian.net/article/217