Comments (7)
Hey @Tompazi, try to use the "*" wildcard in order to specify where to inject (in the URI) i.e. commix -u http://10.0.0.1/index.pl?*
from commix.
Same result, keep in mind there is also POST data.
also:
$ grep INJECT_TAG /usr/share/commix/src/utils/settings.py
INJECT_TAG = "INJECT_HERE"
$ grep VERSION_NUM /usr/share/commix/src/utils/settings.py -m 1
VERSION_NUM = "1.3.16"
Am I using the wrong version?
from commix.
Try to use commix -u http://10.0.0.1/index.pl?*
and then enter your post data.
from commix.
I'm sorry but what do you mean? How shouId I enter my post data, I do it like this:
commix -u http://10.0.0.1/index.pl?* --data=$POST_DATA
It's still only injecting the post parameters.
from commix.
You should be entering it like this: commix -u http://10.0.0.1/index.pl/* --data="POST_DATA"
(without the $ symbol). For example, if there are two POST A and B parameters and you want to test the URL itself, you should write: commix -u http://10.0.0.1/index.pl/* --data="A=whatever&B=whatever"
. (The "INJECT_HERE" is replaced by "*".) For more info, please check Commix Wiki Page at https://github.com/stasinopoulos/commix/wiki/Usage-Examples.
from commix.
I think we are not communicating correctly. Look at this, is this intended behavior? I do not want to test the post parameters.
from commix.
This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related issues.
from commix.
Related Issues (20)
- ModuleNotFoundError: No module named 'src.thirdparty.six.moves' | NameError: name 'settings' is not defined HOT 2
- How can I do blind injection? HOT 2
- Bug Report: Unhandled exception "UnicodeEncodeError: 'gbk' codec can't encode character '\u032b' in position 38: illegal multibyte sequence" (#c8270b10) HOT 1
- Bug Report: Unhandled exception "UnicodeEncodeError: 'gbk' codec can't encode character '\u013e' in position 29: illegal multibyte sequence" (#c8270b10) HOT 2
- Bug Report: Unhandled exception "UnicodeEncodeError: 'ascii' codec can't encode characters in position 10-11: ordinal not in range(128)" (#77e253d5) HOT 2
- Tor start bug HOT 2
- Bug Report: Unhandled exception "UnicodeEncodeError: 'gbk' codec can't encode character '\u0579' in position 25: illegal multibyte sequence" (#c8270b10) HOT 2
- Bug Report: Unhandled exception "ValueError: Empty module name" (#08032667) HOT 1
- NameError: name 'settings' is not defined & ModuleNotFoundError: No module named 'src.thirdparty.six.moves' HOT 7
- Unhandled exception (#bf93605a) HOT 2
- Bug Report: Unhandled exception "http.client.IncompleteRead: IncompleteRead(0 bytes read)" (#d3796db0) HOT 2
- Bug Report: Unhandled exception "IndexError: list index out of range" (#3cecc724) HOT 1
- Bug Report: Unhandled exception "IndexError: list index out of range" (#3cecc724) HOT 1
- Bug Report: Unhandled exception "AttributeError: 'Values' object has no attribute 'ignore_stdin'" (#c5c65ede) HOT 2
- Bug Report: Unhandled exception "IndexError: list index out of range" (#4f8f4280)
- Unhandled exception (#659779b9) HOT 1
- Bug Report: Unhandled exception "UnboundLocalError: cannot access local variable 'result' where it is not associated with a value" (#fe6d97aa)
- Bug Report: Unhandled exception "SyntaxError: invalid syntax" (#c6469b6a)
- Bug Report: Unhandled exception "http.client.IncompleteRead: IncompleteRead(50818 bytes read)" (#8f4673b1) HOT 1
- Bug Report: Unhandled exception "io.UnsupportedOperation: fileno" (#554eb00e)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from commix.