• Skip to main content
  • Skip to header right navigation
  • Skip to site footer
iGuRu

iGuRu

Real-time Technology News. Opinions & Tweaks

  • / news
  • / infosec
  • / tools
  • / tweaks
  • / dummies
  • / opinions
  • / support
  • / yourpost
home / tools / commix: Automatic command injection and exploitation program

commix: Automatic command injection and exploitation program

29/06/2020 13:04 by Anastasis Vasileiadis

Commix (abbreviation for [comm] and [ i ] njection e [x] ploiter) is an automated tool written by Anastasios Stasinopoulos ( @ancst ), which can be used by web developers, penetration testers or even security researchers to test web applications for errors or vulnerabilities related to attacks command injection.  

Using this tool, it is very easy to find and exploit a command injection vulnerability in a specific vulnerable parameter or HTTP header.

687474703a2f2f692e696d6775722e636f6d2f6c4b6762336c712e706e67 - commix: Automatic command injection and exploitation program

Conditions

Version required Python 2.6 , 2.7 ή 3.x to run this program.

Installation

We download commix from the Git repository:

git clone https://github.com/commixproject/commix.git commix

Commix already exists in official repositories of the following Linux distributions so that you can use it package manager for to install it!

  • ArchStrike
  • BlackArch Linux
  • BackBox
  • Kali Linux
  • Parrot Security OS
  • Pentoo Linux
  • Weakerthan Linux

Commix is ​​coming too as an additive , in the following penetration testing frameworks:

  • TrustedSec's Penetration Testers Framework (PTF)
  • OWASP Offensive Web Testing Framework (OWTF)
  • CTF-Tools
  • PentestBox
  • PenBox
  • Katoolin
  • Aptive's Penetration Testing tools
  • Homebrew Tap - Pen Test Tools
  • fsociety Hacking Tools Pack - A Penetration Testing Framework

Supported platforms

  • Linux
  • Mac OS X
  • Windows (experimental)

Use

To display all available program options, type the following command:

python commix.py -h

Application snapshots

commix - commix: Automatic command injection and exploitation program

commix 1 - commix: Automatic command injection and exploitation program

commix: Automatic command injection and exploitation program was last modified: 29 June, 2020, 1: 04 mm by Anastasis Vasileiadis

spread the news

  • Facebook
  • Twitter
  • Reddit
  • Printing
  • Email

Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News


Competition: toolstag: commix

You May Also Like

Try injection in Web apps with the Commix tool
Sigurlx: Internet mapping tool
Zmap: Simple and fast Network Scanner

About Us Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Previous Post: « Microsoft has removed the ability to postpone updates to Windows 10 2004
Next Post: What to do if you receive a Phishing mail? »

Reader Interactions

Comment Policy:

IGuRu.gr does not publish the comments immediately. Malicious comments, comments that include ads, or comments that are offensive are deleted without notice. We do not adopt the opinions expressed by our readers.
Your comments will be displayed after approval by the administrators


Leave your comment
Ακύρωση απάντησης

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *

 

 © 2021 · iGuRu.gr · ☢ · Keep It Simple Stupid Genesis theme

about  ·   get in touch  ·  rss  ·  sitemap  ·  cough

loading Cancel
Could not post post - check your email address!
Email verification failed, please try again
Your blog can not post posts via email.