Command Injection to Meterpreter using Commix

In this article, I will show how easily you can hack a web server using commix tool if the severe is suffering from OS command injection vulnerability and try to access the meterpreter shell.

Attacker: Kali Linux

Target: bwapp

Download it from here and install and run it with VMware.

Being an attacker browser target IP in browse:192.168.0.105/bwapp, now Login with bee: bug as credential and select OS command injection from choose your bug; then click on the hack.

Here requested web page gets open where you can execute any command. Now I will start the burp suite to capture the request. In order to start to intercept click the proxy tab and turn on intercept; don’t forget to run proxy inside the browser. Now give any command like IP: 192.168.0.105 and click on a lookup.

Inside burp suite, you will get the post request has been captured. Here we have victim’s details which will be helpful for making an attack on its web server. Now select the whole data from POST……. &form=submit then copied it and saved in a text file. I had saved it as os.txt and further use it with commix.

In the previous tutorial we had used manual step inside commix to execute the given command for making an attack but here the step is easier and convenient to apply for making an attack. Now Type the following command for commix to start the attack.

Hit enter or press Y as a reply of every question. From given screenshot, you can see I have got the victim’s shell and here I had executed following command to retrieve victim’s detail.

Now start reverse tcp connection using below steps.

 Option asks by commix to set backdoor for connection Type ‘2’ for other reverse TCP shells.

Option asks by commix to set target Type ‘5’ to use php meterpreter reverse tcp shell.

Copy the highlighted text and paste it on another terminal which will load the Metasploit framework and start multi handler automatically at the background.

Once the Metasploit get loaded then move back to the previous terminal where commix is running hit enter here.

From given screenshot, you can see I have got meterpreter shell.

Author: Aarti Singh is a Researcher and Technical Writer at Hacking Articles an Information Security Consultant Social Media Lover and Gadgets. Contact here

Leave a Reply

Your email address will not be published. Required fields are marked *