Search the Community

Showing results for tags 'commix'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Staff Control
    • Staff Announcements
    • Moderators
    • Staff
    • Administration
  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Pentesting Zone
  • Security & Anonymity
  • Operating Systems | Hardware | Programs
  • Graphic Design
  • vBCms Comments
  • live stream tv
  • Marketplace
  • Pentesting Premium
  • Modders Section
  • PRIV8-Section
  • Pentesting Zone PRIV8
  • Carding Zone PRIV8
  • Recycle Bin

Blogs

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me


Location


Interests


Occupation


TeamViewer


Twitter


Facebook


Youtube


Google+


Tox

Found 2 results

  1. Commix (short for [comm]and njection e[x]ploiter) is an automated tool written by Anastasios Stasinopoulos (@ancst) that can be used from web developers, penetration testers or even security researchers in order to test web-based applications with the view to find bugs, errors or vulnerabilities related to command injection attacks. By using this tool, it is very easy to find and exploit a command injection vulnerability in a certain vulnerable parameter or HTTP header. Changelog Version 3.1 Fixed: Multiple bug-fixes regarding several reported unhandled exceptions. Added: A script “setup.py” has been added (i.e. easier installation). Revised: Improvement regarding checking if the provided value has boundaries (e.g. ‘param=/value/’). Revised: Improvement regarding dynamic code evaluation technique’s heurstic checks. Revised: Improvement regarding identifying the indicated web-page charset. Revised: Minor improvement regarding verbose mode (i.e. debug messages). Fixed: Bug-fix regarding Basic HTTP authentication. Revised: Minor improvement regarding redirection mechanism. Fixed: Bug-fix regarding defining wildcard character “*” in nested JSON objects. Revised: Minor improvement regarding Flatten_json (third party) module. Revised: Minor improvement regarding parsing nested JSON objects. Added: New tamper script “doublequotes.py” that adds double-quotes (“”) between the characters of the generated payloads (for *nix targets). Fixed: Bug-fix regarding parsing raw HTTP headers from a file (i.e. -r option). Revised: Improvements regarding data in the detailed message about occurred unhandled exception. Revised: Minor bug-fixes and improvements regarding HTTP authentication dictionary-based cracker. [hide][Hidden Content]]
  2. Commix (short for [comm]and njection e[x]ploiter) is an automated tool written by Anastasios Stasinopoulos (@ancst) that can be used from web developers, penetration testers or even security researchers in order to test web-based applications with the view to find bugs, errors or vulnerabilities related to command injection attacks. By using this tool, it is very easy to find and exploit a command injection vulnerability in a certain vulnerable parameter or HTTP header. Requirements Python version 2.6.x or 2.7.x is required for running this program. Supported Platforms Linux Mac OS X Windows (experimental) [HIDE][Hidden Content]] Exploitation Demos (Video) [Hidden Content]