
Commix (short for [comm]and [i]njection e[x]ploiter) is an automated tool written by Anastasios Stasinopoulos (@ancst) that web developers, penetration testers and security researchers can use to test web-based applications for bugs, errors or vulnerabilities related to command injection attacks. With this tool, it is very easy to find and exploit a command injection vulnerability in a vulnerable parameter or HTTP header.

Change log v1.9-20170502

Revised: Minor improvement in results-based techniques, for delaying the OS responses depending on the user-provided time delay.

Revised: The time-related (“time-based”/“tempfile-based”) payloads have been shortly revised.

Revised: Minor improvement in file-based technique, for delaying the OS responses depending on the user-provided time delay.

Fixed: Minor improvement in file-based technique, regarding the directory path where the output file is saved.

Added: New option “--ignore-redirects” that ignores redirection attempts.

Added: New functionality for identifying and following URL redirections.

Fixed: Minor improvement for adding “/” at the end of the user-provided root dir (in case it does not exist).

Revised: The file-based payload for deleting files with execution output has been shortly revised.

Replaced: The “--root-dir” option has been replaced with “--web-root” option.

Added: New option “--wizard” that shows a simple wizard interface for beginner users.

Installation

git clone http://ift.tt/2iPAE5V commix

The post commix v1.9 release: Automated All-in-One OS command injection and exploitation tool appeared first on Penetration Testing in Linux. http://ift.tt/2pcJRYx http://ift.tt/2aM8QhC
