commix v2.6.22-dev: Automated All-in-One OS command injection and exploitation tool

Commix (short for [comm]and [i]njection e[x]ploiter) is an automated tool written by Anastasios Stasinopoulos (@ancst) that can be used by web developers, penetration testers or security researchers to test web-based applications with a view to finding bugs, errors or vulnerabilities related to command injection attacks. With this tool it is very easy to find and exploit a command injection vulnerability in a vulnerable parameter or HTTP header.
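As a defender's illustration of the bug class commix is built to find, here is the vulnerable pattern beside its hardened form. This is added example code, not code from commix or from the original post; the `ping` wrapper, the hostname allow-list and the injectable `runner` parameter are assumptions made for the example.

```python
import re
import subprocess

# Allow-list for the one value the endpoint accepts: a hostname or IPv4
# literal made of letters, digits, hyphens and dots (assumed policy).
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$"
)


def vulnerable_command(host: str) -> str:
    """The pattern commix hunts for: request input spliced into a shell string.

    Anything the shell treats specially in `host` (; && | $( ) and backticks)
    becomes part of the command line, so a string built this way must never
    reach os.system() or subprocess with shell=True.
    """
    return "ping -c 1 " + host


def is_safe_host(host: str) -> bool:
    """True only for values that match the hostname allow-list."""
    return HOSTNAME_RE.match(host) is not None


def validate_host(host: str) -> str:
    """Reject anything that is not a plain hostname or IPv4 literal."""
    if not is_safe_host(host):
        raise ValueError(f"rejected host value: {host!r}")
    return host


def safe_argv(host: str) -> list:
    """Hardened form: the validated value is its own argv element, no shell involved."""
    return ["ping", "-c", "1", validate_host(host)]


def run_ping(host: str, runner=subprocess.run):
    """Execute the hardened command; `runner` is injectable so tests stay offline."""
    return runner(safe_argv(host), shell=False, capture_output=True, text=True, timeout=10)


if __name__ == "__main__":
    print("vulnerable command line:", vulnerable_command("127.0.0.1; echo injected"))
    print("hardened argv:", safe_argv("10.0.0.1"))
    print("allow-list rejects metacharacters:", not is_safe_host("127.0.0.1; echo injected"))
```

The two defences are independent: the argv list stops the shell from ever parsing the value, and the allow-list stops the value from reaching `ping` as an unexpected option or extra argument.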

Changelog

Version 2.6 (upcoming)

  • Added: Support for “Netcat-Openbsd” (nc without -e) on “reverse_tcp” and “bind_tcp” shell options.
  • Added: Support for “Socat” on “reverse_tcp” and “bind_tcp” shell options.
  • Revised: Minor improvement regarding counting the total number of HTTP(S) requests for the identified injection point(s) during the detection phase.
  • Fixed: Minor bug-fix regarding providing the target host’s root directory.
  • Added: New tamper script “sleep2timeout.py” that uses “timeout” function for time-based attacks.
  • Added: New tamper script “sleep2usleep.py” that replaces “sleep” with “usleep” command in the time-related generated payloads.
  • Replaced: The --purge-output option has been replaced with --purge option.
  • Fixed: Minor bug-fix regarding performing injections through cookie parameters.
  • Revised: Minor improvement regarding ignoring the Google Analytics cookie in all scanning attempts.
  • Fixed: Minor bug-fix regarding “bind_tcp” shell option.

Version 2.5

  • Fixed: Multiple bug-fixes regarding several reported unhandled exceptions.
  • Revised: Improvement regarding identifying the appropriate format parameters in the provided POST data.
  • Added: Support regarding recognition of generic “your ip has been blocked” messages.
  • Added: Support regarding checking for potential browser verification protection mechanism.
  • Added: Support regarding checking for potential CAPTCHA protection mechanism.
  • Revised: The separators list has been slightly revised.
  • Revised: Minor improvement regarding the extracted HTTP response headers.
  • Added: New tamper script “nested.py” that adds double quotes around of the generated payloads (for *nix targets).
  • Fixed: Minor bug-fix regarding performing injections through HTTP headers (e.g. User-Agent, Referer, Host etc.).
  • Fixed: Major bug-fixes regarding testing time-related (“time-based”/“tempfile-based”) payloads.
  • Added: New tamper script “backslashes.py” that adds backslashes (\) between the characters of the generated payloads (for *nix targets).
  • Fixed: Minor bug-fix regarding a Unicode decode exception due to an invalid codec during connection to the target host.
  • Revised: Improvement regarding combining tamper script “multiplespaces.py” with other space-related tamper script(s).
  • Added: New tamper script “multiplespaces.py” that adds multiple spaces around OS commands.
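From the detection side, the tamper scripts listed above (sleep2usleep.py, sleep2timeout.py, nested.py, backslashes.py, multiplespaces.py) describe exactly which transformations a web log monitor has to undo before it can recognise a time-based command injection probe. The following is an added example, not part of commix or of the original post: a small log scanner that normalises those obfuscations and flags requests carrying a separator followed by a delay command. The access-log lines are constructed for the example, and the exact payload shapes are assumptions based on the script names rather than copied from commix.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample access-log lines in Common Log Format; the requests are
# invented for this example and do not come from real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Jan/2018:10:00:01 +0000] "GET /ping.php?ip=10.0.0.1 HTTP/1.1" 200 512
203.0.113.5 - - [10/Jan/2018:10:00:02 +0000] "GET /ping.php?ip=10.0.0.1%3Bsleep%205 HTTP/1.1" 200 512
203.0.113.5 - - [10/Jan/2018:10:00:03 +0000] "GET /ping.php?ip=10.0.0.1%3Bu%5Csl%5Ceep%205000000 HTTP/1.1" 200 512
203.0.113.5 - - [10/Jan/2018:10:00:04 +0000] "GET /ping.php?ip=10.0.0.1%26%26timeout%20%20%205%20ping HTTP/1.1" 200 512
203.0.113.5 - - [10/Jan/2018:10:00:05 +0000] "GET /ping.php?ip=%22%3Bsleep%205%22 HTTP/1.1" 200 512
203.0.113.5 - - [10/Jan/2018:10:00:06 +0000] "GET /search.php?q=sleep+well HTTP/1.1" 200 512
"""

# Pull the request target (path plus query string) out of a CLF line.
REQUEST_RE = re.compile(r'"(?:GET|POST|PUT|HEAD|OPTIONS) (\S+) HTTP/')

# A shell separator or command-substitution opener, then one of the delay
# commands the sleep2usleep.py / sleep2timeout.py tamper scripts produce,
# then a numeric argument. A bare word like "sleep well" does not match.
TIME_PROBE_RE = re.compile(r'[;&|`(]\s*(sleep|usleep|timeout)\s+(\d+)')


def normalize(value: str) -> str:
    """Undo the common obfuscations before matching."""
    # Repeated URL decoding also covers double-encoded requests.
    prev = None
    while prev != value:
        prev, value = value, unquote_plus(value)
    # A backslash before an ordinary character is a no-op to the shell
    # (backslashes.py) and quote wrapping (nested.py) does not change the
    # command, so both are stripped before matching.
    value = value.replace("\\", "").replace('"', "").replace("'", "")
    # Runs of whitespace (multiplespaces.py) collapse to a single space.
    return re.sub(r"\s+", " ", value)


def detect_time_probe(line: str):
    """Return 'command seconds' if the request looks like a time-based probe, else None."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    hit = TIME_PROBE_RE.search(normalize(m.group(1)))
    return f"{hit.group(1)} {hit.group(2)}" if hit else None


def scan(log_text: str) -> list:
    """Return (line number, detected command) for every suspicious line."""
    findings = []
    for n, line in enumerate(log_text.splitlines(), start=1):
        cmd = detect_time_probe(line)
        if cmd:
            findings.append((n, cmd))
    return findings


if __name__ == "__main__":
    for n, cmd in scan(SAMPLE_LOG):
        print(f"line {n}: time-based injection probe ({cmd})")
```

The normalisation step matters more than the final regex: without the backslash and quote stripping, lines 3 and 5 of the sample look like ordinary parameter values, and without whitespace collapsing a rule written for `timeout 5` misses the multi-space variant. Pairing a rule like this with response-time monitoring on the same endpoint gives a second signal, since a successful probe makes the response take roughly as long as the requested delay.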

Download

git clone https://github.com/commixproject/commix.git commix

Copyright (c) 2014-2018 Anastasios Stasinopoulos

Source: https://github.com/commixproject/


Anastasis Vasileiadis
