Details

Category: Vulnerabilities

Publisher: trickest

Created Date: 9/7/2021

Container: quay.io/trickest/commix:fc5febe-patch-3

Source URL: https://github.com/commixproject/commix

Parameters

os
string
Command: --os - Force back-end operating system (e.g. 'Windows' or 'Unix').
all
boolean
Command: --all - Retrieve everything.
tor
boolean
Command: --tor - Use the Tor network.
url
string
required
Command: - Target URL.
data
string
Command: --data - Data string to be sent through POST.
host
string
Command: --host - HTTP Host header.
Command: --skip - Skip testing for given parameter(s).
urls
file
required
Command: - Scan multiple targets given in a textual file.
alert
string
Command: --alert - Run host OS command(s) on the machine running commix (not on the target) when an injection point is found.
codec
string
Command: --codec - Force codec for character encoding (e.g. 'ascii').
crawl
boolean
Command: --crawl - Crawl the website starting from the target URL
delay
string
Command: --delay - Seconds to delay between each HTTP request.
level
string
Command: --level - Level of tests to perform (1-3, Default: 1).
proxy
string
Command: --proxy - Use a proxy to connect to the target URL.
purge
boolean
Command: --purge - Safely remove all content from commix data directory.
smart
boolean
Command: --smart - Perform thorough tests only if positive heuristic(s).
users
boolean
Command: --users - Retrieve system users.
Command: --cookie - HTTP Cookie header.
Command: --header - Extra header (e.g. 'X-Forwarded-For: 127.0.0.1').
maxlen
string
Command: --maxlen - Set the max length of output for time-related injection techniques.
method
string
Command: --method - Force usage of given HTTP method (e.g. PUT)
mobile
boolean
Command: --mobile - Imitate smartphone through HTTP User-Agent header.
os-cmd
string
Command: --os-cmd - Execute a single operating system command.
prefix
string
Command: --prefix - Injection payload prefix string.
suffix
string
Command: --suffix - Injection payload suffix string.
tamper
string
Command: --tamper - Use given script(s) for tampering injection data.
answers
string
Command: --answers - Set predefined answers (e.g. quit=N,follow=N)
charset
string
Command: --charset - Time-related injection charset (e.g. 0123456789abcdef)
headers
string
Command: --headers - Extra headers, separated by a newline (e.g. 'Accept-Language: fr\nETag: 123').
is-root
boolean
Command: --is-root - Check if the current user has root privileges.
offline
boolean
Command: --offline - Work in offline mode.
referer
string
Command: --referer - HTTP Referer header.
request
file
Command: -r - Load HTTP request from a file.
retries
string
Command: --retries - Retries when the connection times out (Default: 3).
session
file
Command: -s - Load session from a stored (.sqlite) file.
sitemap
boolean
Command: -x - Parse target(s) from remote sitemap(.xml) file.
timeout
string
Command: --timeout - Seconds to wait before timeout connection (Default: 30).
auth-url
string
Command: --auth-url - Login panel URL.
hostname
boolean
Command: --hostname - Retrieve current hostname.
is-admin
boolean
Command: --is-admin - Check if the current user has admin privileges.
log-file
file
Command: -l - Parse target from HTTP proxy log file.
skip-waf
boolean
Command: --skip-waf - Skip heuristic detection of WAF/IPS/IDS protection.
sys-info
boolean
Command: --sys-info - Retrieve system information.
time-sec
string
Command: --time-sec - Seconds to delay the OS response (Default: 1).
tmp-path
string
Command: --tmp-path - Set the absolute path of web server's temp directory.
tor-port
string
Command: --tor-port - Set Tor proxy port (Default: 8118).
web-root
string
Command: --web-root - Set the web server document root directory (e.g. '/var/www').
auth-cred
string
Command: --auth-cred - HTTP authentication credentials (e.g. 'admin:admin').
auth-data
string
Command: --auth-data - Login parameters and data.
auth-type
string
Command: --auth-type - HTTP authentication type (Basic, Digest, Bearer).
file-dest
string
Command: --file-dest - Host's absolute filepath to write and/or upload to.
file-read
string
Command: --file-read - Read a file from the target host.
force-ssl
boolean
Command: --force-ssl - Force usage of SSL/HTTPS.
param-del
string
Command: --param-del - Set character for splitting parameter values.
parameter
string
Command: -p - Testable parameter(s).
passwords
boolean
Command: --passwords - Retrieve system users' password hashes.
skip-calc
boolean
Command: --skip-calc - Skip the mathematic calculation during the detection phase.
technique
string
Command: --technique - Specify injection technique(s) to use.
tor-check
boolean
Command: --tor-check - Check to see if Tor is used properly.
verbosity
string
Command: -v - Verbosity level (0-4, Default: 0).
Command: --cookie-del - Set character for splitting cookie values.
file-write
string
Command: --file-write - Write to a file on the target host.
no-logging
boolean
Command: --no-logging - Disable logging to a file.
privileges
boolean
Command: --privileges - Retrieve system users' privileges.
ps-version
boolean
Command: --ps-version - Retrieve PowerShell's version number.
shellshock
boolean
Command: --shellshock - The 'shellshock' injection module.
skip-empty
boolean
Command: --skip-empty - Skip testing the parameter(s) with empty value(s).
url-reload
boolean
Command: --url-reload - Reload target URL after command execution.
user-agent
string
Command: --user-agent - HTTP User-Agent header.
alter-shell
string
Command: --alter-shell - Use an alternative os-shell (e.g. 'Python').
file-upload
string
Command: --file-upload - Upload a file on the target host.
ignore-code
string
Command: --ignore-code - Ignore (problematic) HTTP error code (e.g. 401).
current-user
boolean
Command: --current-user - Retrieve current user name.
failed-tries
string
Command: --failed-tries - Set a number of failed injection tries, in file-based technique.
ignore-proxy
boolean
Command: --ignore-proxy - Ignore system default proxy settings.
list-tampers
boolean
Command: --list-tampers - Display list of available tamper scripts.
random-agent
boolean
Command: --random-agent - Use a randomly selected HTTP User-Agent header.
crawl-exclude
string
Command: --crawl-exclude - Regexp to exclude pages from crawling (e.g. logout).
flush-session
boolean
Command: --flush-session - Flush session files for current target.
check-internet
boolean
Command: --check-internet - Check internet connection before assessing the target.
ignore-session
boolean
Command: --ignore-session - Ignore results stored in session file.
skip-technique
string
Command: --skip-technique - Specify injection technique(s) to skip.
Command: --drop-set-cookie - Ignore Set-Cookie header from response.
skip-heuristics
boolean
Command: --skip-heuristics - Skip heuristic detection for code injection.
ignore-redirects
boolean
Command: --ignore-redirects - Ignore redirection attempts.
ignore-dependencies
boolean
Command: --ignore-dependencies - Ignore all required third-party library dependencies.