From 8ede51991467076202644e21c9a28ac5b0530327 Mon Sep 17 00:00:00 2001 From: stasinopoulos Date: Mon, 7 Mar 2022 10:56:04 +0200 Subject: [PATCH] Minor patch for injecting into custom HTTP Header --- setup.py | 2 +- src/core/requests/headers.py | 1 + src/core/requests/requests.py | 2 +- src/utils/settings.py | 7 ++++--- 4 files changed, 7 insertions(+), 5 deletions(-) diff --git a/setup.py b/setup.py index 049b89c5d6..d328f17c46 100644 --- a/setup.py +++ b/setup.py @@ -17,7 +17,7 @@ setup( name='commix', - version='3.4', + version='3.5-dev', description='Automated All-in-One OS Command Injection Exploitation Tool', long_description=open('README.md').read(), long_description_content_type='text/markdown', diff --git a/src/core/requests/headers.py b/src/core/requests/headers.py index b4aff61a45..495573cbcd 100755 --- a/src/core/requests/headers.py +++ b/src/core/requests/headers.py @@ -424,6 +424,7 @@ def do_check(request): settings.INJECT_TAG in http_header_value: settings.CUSTOM_HEADER_INJECTION = True settings.CUSTOM_HEADER_NAME = http_header_name + settings.CUSTOM_HEADER_VALUE = http_header_value # Add HTTP Header name / value to the HTTP request if http_header_name not in [settings.HOST, settings.USER_AGENT, settings.REFERER, settings.COOKIE]: request.add_header(http_header_name, http_header_value) diff --git a/src/core/requests/requests.py b/src/core/requests/requests.py index f0063bdb21..66dbad4bf8 100755 --- a/src/core/requests/requests.py +++ b/src/core/requests/requests.py @@ -895,7 +895,7 @@ def inject_custom_header(url, vuln_parameter, payload, proxy): #Check if defined extra headers. headers.do_check(request) payload = checks.newline_fixation(payload) - request.add_header(settings.CUSTOM_HEADER_NAME, payload) + request.add_header(settings.CUSTOM_HEADER_NAME, settings.CUSTOM_HEADER_VALUE.replace(settings.INJECT_TAG, payload)) try: headers.check_http_traffic(request) response = opener.open(request) diff --git a/src/utils/settings.py b/src/utils/settings.py index 7f0c2a2817..384cdbef6e 100755 --- a/src/utils/settings.py +++ b/src/utils/settings.py @@ -224,9 +224,9 @@ def sys_argv_errors(): DESCRIPTION_FULL = "Automated All-in-One OS Command Injection Exploitation Tool" DESCRIPTION = "The command injection exploiter" AUTHOR = "Anastasios Stasinopoulos" -VERSION_NUM = "3.4" -REVISION = "66" -STABLE_RELEASE = True +VERSION_NUM = "3.5" +REVISION = "1" +STABLE_RELEASE = False if STABLE_RELEASE: VERSION = "v" + VERSION_NUM + "-stable" else: @@ -580,6 +580,7 @@ def sys_argv_errors(): # Custom HTTP Headers injection CUSTOM_HEADER_INJECTION = False CUSTOM_HEADER_NAME = "" +CUSTOM_HEADER_VALUE = "" # Valid URL format check VALID_URL_FORMAT = "https?://(?:www)?(?:[\w-]{2,255}(?:\.\w{2,6}){1,2})(?:/[\w&%?#-]{1,310})?"