Exploit Command Injection Vulnerability with Commix and Netcat

In this article, I will show how easily you can hack a web server using the commix tool if the server is suffering from an OS command injection vulnerability.

Attacker: Kali Linux

Target: bwapp

Download it from here, install it, and run it with VMware.

As the attacker, browse to the target IP in the browser: 192.168.0.105/bwapp. Now log in with bee:bug as the credentials, select OS Command Injection from the "Choose your bug" list, and click Hack.

The requested web page opens, where you can execute any command. Now I will start Burp Suite to capture the request. To start intercepting, click the Proxy tab and turn on intercept; don't forget to configure the proxy inside the browser. Now give any input, such as the IP 192.168.0.105, and click Lookup.

Inside Burp Suite, you will see that the POST request has been captured. Here we have the victim's details, which will be helpful for making an attack on its web server. Now select the whole data from POST…….&form=submit, copy it, and save it in a text file. I saved it as os.txt to use it further with commix.

In the previous tutorial we used manual steps inside commix to execute the given command for the attack, but here the steps are easier and more convenient to apply. Now type the following command for commix to start the attack.

Hit Enter or press Y in reply to every question.

From the given screenshot, you can see I have got the victim's shell, and here I executed the following command to retrieve the victim's details.

In the next step I tried to connect to the victim from a netcat shell; open another terminal and type the following command to start a listener through netcat: nc -lvp 4444

Now start a reverse TCP connection using netcat through commix and follow the steps below.

When commix asks which backdoor to set for the connection, type ‘1’ for netcat reverse TCP shells.

When commix asks which target option to set, type ‘1’ to use the default netcat on the target host.

On the other terminal, you will get a reverse connection on netcat; again type the following command

Here you will see that the results of the commix shell and netcat are exactly the same.
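The whole chain above works because the lookup form's input reaches an OS command unchecked. The following is an added example, not code from this article or from bWAPP, showing the string a concatenating handler would hand to a shell next to a hardened handler that validates the input and runs the lookup without a shell. It assumes the form passes its value to nslookup; all function names are hypothetical and the sample inputs are constructed.

```python
import ipaddress
import re
import subprocess

# One DNS label: letters, digits, hyphen; no leading or trailing hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def vulnerable_command(target):
    """String a concatenating handler would pass to a shell (built, never run)."""
    return "nslookup " + target


def is_valid_target(target):
    """True only for an IP literal or a plain DNS name."""
    if "%" not in target:  # refuse IPv6 zone ids, which may hold arbitrary text
        try:
            ipaddress.ip_address(target)
            return True
        except ValueError:
            pass
    labels = target.split(".")
    return len(target) <= 253 and all(_LABEL.fullmatch(l) for l in labels)


def build_lookup_argv(target):
    """Argument vector for the lookup; raises ValueError on anything else."""
    if not is_valid_target(target):
        raise ValueError("target must be an IP address or hostname")
    return ["nslookup", target]


def lookup(target):
    """Run the lookup without a shell, so metacharacters are never interpreted."""
    argv = build_lookup_argv(target)
    done = subprocess.run(argv, capture_output=True, text=True, timeout=5)
    return done.stdout


if __name__ == "__main__":
    # Constructed inputs: the value typed in the article and a chained one.
    for sample in ("192.168.0.105", "192.168.0.105; id"):
        print(repr(vulnerable_command(sample)), "->", is_valid_target(sample))
```

Validation and the shell-free argument list are independent layers: the allowlist rejects anything that is not an address or hostname, and passing a list to subprocess.run means no shell ever parses the value.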

Author: Aarti Singh is a Researcher and Technical Writer at Hacking Articles, an Information Security Consultant, Social Media Lover and Gadgets.
