Installation of the commix tool
Step 1: Open your kali Linux operating system and use the following command to install the tool.
cd Desktop
git clone https://github.com/commixproject/commix.git commix
Step 2: The tool has been installed successfully. Now use the following command to move into the directory of the tool.
cd commix ls
Step 3: Now you are in the directory of the tool. Use the following command to run the tool.
python3 commix.py
The tool is running successfully. Now we will see examples to use the tool.
Commix – OS Command Injection and Exploitation Tool
In terms of security, we also refer to command injection as shell injection and operating system injection. Command injection lies in the OWASP top 10 every year. Command injection is a hacking technique in which hackers execute commands in the host operating system through vulnerable web applications after scanning. This attack can be possible if a web application is sending user data to its system shell through some connectivity. This user data can be of any type which can be HTTP headers or cookies or forms etc. The history of command injection is very interesting because command injection was accidentally discovered by a programmer in Norway in mid-1997. The command injection vulnerability gave rise to another new type of command injection which is SQL command injection.