Commix (short for [comm]and [i]njection e[x]ploiter) is an automated tool written by Anastasios Stasinopoulos that can be used from web developers, penetration testers or even security researchers in order to test web-based applications with the view to find bugs, errors or vulnerabilities related to command injection attacks. By using this tool, it is very easy to find and exploit a command injection vulnerability in a certain vulnerable parameter or HTTP header.
First of all , install tamper data on firefox which is used for modifying http requests.We will be using DVWA for the testing purposes. DVWA is installed on the target machine with ip=192.168.0.105
Login into DVWA and set the security to low and open the command injection tab
Now, open the tamper data and start tampering and enter any IP address and submit . Now tamper data will pop up asking for tampering the data ,click on submit to all the pop-ups.
Now open tamper data and find the cookie value from the GET request and copy it.
Also copy the POST string from the POST method.
Now open up the terminal on kali Linux and type the following command
commix –url=”http://192.168.0.105/dvwa/vulnerabilities/exec/#” –cookie=”security=low; PHPSESSID=nh5ehntedbu7ha97lpm8o8vjm2″ –data=”ip=192.168.0.105&Submit=Submit”
In URL field paste the target URL.
In the cookie field paste the cookie value you copied and in data field paste the POST string you copied and put the IP of target machine in the ip field of post string .
After execution of the command you will get the os-shell of the targeted machine and you can run any windows command as my target machine was windows.
Author: Himanshu Gupta is a Information Security Researcher | Technical writer. You can follow him on LinkedIn .
The post Exploiting OS Command Injection in Web Application using Commix appeared first on Hacking Articles.