The Commix (abbreviation for [comm] and [ i ] njection e [x] ploiter) is an automated tool written by Anastasios Stasinopoulos ( @ancst ), which can be used by web developers, penetration testers or even security researchers to test web applications for errors or vulnerabilities related to attacks command injection.
Using this tool, it is very easy to find and exploit a command injection vulnerability in a specific vulnerable parameter or HTTP header.
Conditions
Version required Python 2.6 , 2.7 the 3.x to run this program.
Installation
We download it commix from the Git repository:
git clone https://github.com/commixproject/commix.git commixThe Commix already exists in official repositories of the following Linux distributions so that you can use it package manager for to install it!
The Commix is also coming as an add-on , in the following penetration testing frameworks:
- TrustedSec's Penetration Testers Framework (PTF)
- OWASP Offensive Web Testing Framework (OWTF)
- CTF-Tools
- PentestBox
- PenBox
- Katoolin
- Aptive's Penetration Testing tools
- Homebrew Tap - Pen Test Tools
- fsociety Hacking Tools Pack - A Penetration Testing Framework
Supported platforms
- Linux
- Mac OS X
- Windows (experimental)
Use
To display all available program options, type the following command:
python commix.py -hApplication snapshots
Microsoft has removed the ability to postpone updates to Windows 10 2004
Comment Policy:
IGuRu.gr does not post comments directly. Malicious comments, comments that include ads, or comments with insults are deleted without any notice. We do not adopt the views expressed by our readers.
Your comments will be displayed after approval by the administrators