Quantcast
Channel: Penetration Testing Archives - Hacking Articles
Viewing all articles
Browse latest Browse all 812

Exploiting OS Command Injection in Web Application using Commix

$
0
0

Commix (short for [comm]and [i]njection e[x]ploiter) is an automated tool written by Anastasios Stasinopoulos that can be used from web developers, penetration testers or even security researchers in order to test web-based applications with the view to find bugs, errors or vulnerabilities related to command injection attacks. By using this tool, it is very easy to find and exploit a command injection vulnerability in a certain vulnerable parameter or HTTP header.

First of all , install tamper data on firefox which is used for modifying  http requests.We will be using DVWA  for the testing purposes. DVWA is installed on the target machine with ip=192.168.0.105

Login into DVWA and set  the security to low and open the command injection tab

Now, open the tamper data and start tampering  and enter any IP address and submit . Now tamper data will pop up asking for tampering the data ,click on submit  to all the pop-ups.

Now open tamper data and find the cookie value from the GET request  and copy it.

Also copy the POST string from the POST method.

Now open up the terminal on kali Linux and type the following command

commix  –url=”http://192.168.0.105/dvwa/vulnerabilities/exec/#” –cookie=”security=low; PHPSESSID=nh5ehntedbu7ha97lpm8o8vjm2″ –data=”ip=192.168.0.105&Submit=Submit”

In URL field paste the  target URL.

In the cookie field paste the cookie value you copied and in data field paste the POST string you copied and put the IP of target machine in the ip field of post string .

After execution of the command you will get the os-shell of the targeted  machine and you can run any windows command as my target machine was windows.

Author: Himanshu Gupta is a Information Security Researcher | Technical writer. You can follow him on LinkedIn .

The post Exploiting OS Command Injection in Web Application using Commix appeared first on Hacking Articles.


Viewing all articles
Browse latest Browse all 812

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>