search

commixproject / commix

Automated All-in-One OS Command Injection Exploitation Tool.
https://commixproject.com
Other
4.54k stars 811 forks source link

Bug Report: Unhandled exception "UnicodeDecodeError: 'utf8' codec can't decode byte 0xb2 in position 112: invalid start byte" #663

Closed commixreporter closed 3 years ago

commixreporter commented 3 years ago 
Commix version: 3.3-dev#53
Python version: 2.7.18
Operating system: posix
Command line: commix.py -u ***************************************** --cookie=************************************* security=low --data=************************** --file-write=/home/kali/weevely//var/www/html/favicon.ico --file-dest=/var/www/html/test/ --os-cmd=pwd

Traceback (most recent call last):
  File "commix.py", line 35, in <module>
    main()
  File "commix.py", line 30, in main
    import src.core.main
  File "main.py", line 915, in <module>
    main(filename, url)
  File "main.py", line 615, in main
    controller.do_check(url, http_request_method, filename)
  File "controller.py", line 727, in do_check
    perform_checks(url, http_request_method, filename)
  File "controller.py", line 650, in perform_checks
    basic_level_checks()
  File "controller.py", line 624, in basic_level_checks
    post_request(url, http_request_method, filename, timesec)
  File "controller.py", line 602, in post_request
    injection_proccess(url, check_parameter, http_request_method, filename, timesec)
  File "controller.py", line 334, in injection_proccess
    classic_command_injection_technique(url, timesec, filename, http_request_method)
  File "controller.py", line 135, in classic_command_injection_technique
    if cb_handler.exploitation(url, timesec, filename, http_request_method, injection_type, technique) != False:
  File "cb_handler.py", line 460, in exploitation
    if cb_injection_handler(url, timesec, filename, http_request_method, injection_type, technique) == False:
  File "cb_handler.py", line 347, in cb_injection_handler
    cb_file_access.do_check(separator, TAG, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename, timesec)
  File "cb_file_access.py", line 228, in do_check
    file_write(separator, TAG, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename, timesec)
  File "cb_file_access.py", line 140, in file_write
    response = cb_injector.injection(separator, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename)
  File "cb_injector.py", line 244, in injection
    response = check_injection(separator, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename)
  File "cb_injector.py", line 160, in check_injection
    payload = cb_payloads.cmd_execution(separator, TAG, cmd)
  File "cb_payloads.py", line 141, in cmd_execution
    "$(echo " + TAG + ")" + TAG + ""
  File "utf_8.py", line 16, in decode
    return codecs.utf_8_decode(input, errors, True)
UnicodeDecodeError: 'utf8' codec can't decode byte 0xb2 in position 112: invalid start byte
stasinopoulos commented 3 years ago

Duplicate of https://github.com/commixproject/commix/issues/656

github-actions[bot] commented 2 years ago

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related issues.