commix: Automatic command injection and exploitation program

Commix (abbreviation for [comm] and [ i ] njection e [x] ploiter) is an automated tool written by Anastasios Stasinopoulos ( @ancst ), which can be used by web developers, or even security researchers to test web applications to find bugs or vulnerabilities related to attacks command injection.  

Using this tool, it is very easy to find and exploit a command injection vulnerability in a specific vulnerable parameter or HTTP header.

Conditions

Required  Python 2.6 , 2.7 ή 3.x to run this program.

Installation

We download commix from the Git repository:

git clone https://github.com/commixproject/commix.git commix

Commix already exists in official repositories of the following Linux distributions so that you can use it package manager for to install it!

Commix is ​​coming too as an additive , in the following penetrations frameworks:

Supported platforms

  • Linux
  • Mac OS X
  • Windows (experimental)

Use

To display all available program options, type the following command:

python commix.py -h

Application snapshots

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).