External Command Injection plugin link #412

Closed
7a opened this Issue Apr 14, 2015 · 4 comments

Comments

Projects
None yet
4 participants
@7a
Member

7a commented Apr 14, 2015

The following tool could be a nice addition to assist pentesters in manual exploitation.
I would suggest to add this as a link to an external command injection plugin:
https://github.com/stasinopoulos/commix

I don't think it would be smart to throw this at a website by default (would slow scans for nothing most of the time, these things are typically best when you find a promising page), although maybe we could have an "aggressive" mode where we do this in a future phase as an active plugin too.

@7a 7a added the Enhancement label Apr 14, 2015

@tunnelshade tunnelshade added the Easy Fix label Jun 9, 2015

@arunk-s

This comment has been minimized.

Show comment
Hide comment
@arunk-s

arunk-s Oct 29, 2015

Contributor

@7a, Can you point me to the direction where changes would be required. I think I should start with this one.

Contributor

arunk-s commented Oct 29, 2015

@7a, Can you point me to the direction where changes would be required. I think I should start with this one.

@7a

This comment has been minimized.

Show comment
Hide comment
@7a

7a Oct 30, 2015

Member

Take a look at other external plugins, I believe around
plugins/web/external, there is a framework API that you can use to generate
the link, easy :) hugs
On 29 Oct 2015 14:45, "Arun Sori" notifications@github.com wrote:

@7a https://github.com/7a, Can you point me to the direction where
changes would be required. I think I should start with this one.


Reply to this email directly or view it on GitHub
#412 (comment).

Member

7a commented Oct 30, 2015

Take a look at other external plugins, I believe around
plugins/web/external, there is a framework API that you can use to generate
the link, easy :) hugs
On 29 Oct 2015 14:45, "Arun Sori" notifications@github.com wrote:

@7a https://github.com/7a, Can you point me to the direction where
changes would be required. I think I should start with this one.


Reply to this email directly or view it on GitHub
#412 (comment).

@tunnelshade

This comment has been minimized.

Show comment
Hide comment
@tunnelshade

tunnelshade Oct 30, 2015

Member

Hey @arunk-s . Have a look at #162

Member

tunnelshade commented Oct 30, 2015

Hey @arunk-s . Have a look at #162

arunk-s added a commit to arunk-s/owtf that referenced this issue Nov 27, 2015

Fix issue #412
Add External Command Injection Plugin Link

arunk-s added a commit to arunk-s/owtf that referenced this issue Nov 27, 2015

Fix issue #412
Add External Command Injection Link

viyatb added a commit that referenced this issue Dec 6, 2015

@viyatb

This comment has been minimized.

Show comment
Hide comment
@viyatb

viyatb Dec 6, 2015

Member

Closing as fix merged in the develop branch.

Member

viyatb commented Dec 6, 2015

Closing as fix merged in the develop branch.

@viyatb viyatb closed this Dec 6, 2015

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment