General Information

Commi3 (short for [c]ryptoanalytic [o]ffensive [m]ultifunctional [m]icrostructure [i]njection [3] generation 3) is an Automated Command Line Tool (ACLT) that can be used from web developers, penetration testers or even security researchers in order to test web-based applications with the view to find bugs, errors or vulnerabilities related to command injection attacks. By using this tool, it is very easy to find and exploit a command injection vulnerability in a certain vulnerable parameter or HTTP/HTTPS header.

Legal Disclaimer

With each commi3 run end users are obligated to agree with the following prelude message:

(!) Legal disclaimer: Usage of Commi3 for attacking targets without prior mutual consent is illegal. 
It is the end user's responsibility to obey all applicable local, state and federal laws. 
Developers assume no liability and are not responsible for any misuse or damage caused by this program.

Requirements

Python version 3.6.x or 3.7.x is required for running this program.

CL: pip install -r requirements.txt

CL: python setup.py install | python3 setup.py install

Installation

Download commi3 by cloning the Git repository:

git clone https://github.com/VanirLab/commi3.git commi3

Commi3 comes packaged on the official repositories of the following Linux distributions, so you can use the package manager to install it!

ArchStrike
BlackArch Linux
BackBox
Kali Linux
Parrot Security OS
Pentoo Linux
Weakerthan Linux

Commi3 also comes as a plugin, on the following penetration testing frameworks:

TrustedSec's Penetration Testers Framework (PTF)
OWASP Offensive Web Testing Framework (OWTF)
CTF-Tools
PentestBox
PenBox
Katoolin
Aptive's Penetration Testing tools
Homebrew Tap - Pen Test Tools

Supported Platforms

Linux
Mac OS X
Windows

Plugins:

Inject python code in Commi3 for custom exploits

{
    '0x000001': <module: 'my_new_exploit'>,
    '0x000023': <module: 'my_updated_exploit'>,
}

Usage

To get a list of all options and switches use:

python commi3.py -h & python3 commi3.py -h

Provide feedback

Saved searches

Use saved searches to filter your results more quickly