commixproject / commix

Automated All-in-One OS Command Injection Exploitation Tool.
https://commixproject.com
Other
4.6k stars 816 forks source link

Bug Report: Unhandled exception "AttributeError: module 'src.core.injections.controller.checks' has no attribute 'invalid_option'" (#3bbd885e) #957

Closed commixreporter closed 2 months ago

commixreporter commented 2 months ago
Commix version: 4.0-dev#94
Python version: 3.11.9
Operating system: posix
Command line: commix.py --url=************************************************* --data=*********************** --cookie=********************************************************* 
Traceback (most recent call last):
  File \"commix.py", line 36, in <module>
    main()
  File \"commix.py", line 31, in main
    import src.core.main
  File \"main.py", line 901, in <module>
    main(filename, url, http_request_method)
  File \"main.py", line 560, in main
    controller.do_check(url, http_request_method, filename)
  File \"controller.py", line 743, in do_check
    perform_checks(url, http_request_method, filename)
  File \"controller.py", line 706, in perform_checks
    data_checks(url, http_request_method, filename, timesec)
  File \"controller.py", line 623, in data_checks
    if post_request(url, http_request_method, filename, timesec) is None:
       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File \"controller.py", line 613, in post_request
    do_injection(found_parameter, settings.HTTPMETHOD.POST, header_name, url, http_request_method, filename, timesec)
  File \"controller.py", line 576, in do_injection
    injection_proccess(url, check_parameter, http_request_method, filename, timesec)
  File \"controller.py", line 400, in injection_proccess
    classic_command_injection_technique(url, timesec, filename, http_request_method)
  File \"controller.py", line 220, in classic_command_injection_technique
    if cb_handler.exploitation(url, timesec, filename, http_request_method, injection_type, technique) != False:
       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File \"cb_handler.py", line 33, in exploitation
    return cb_injection_handler(url, timesec, filename, http_request_method, injection_type, technique)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File \"cb_handler.py", line 26, in cb_injection_handler
    return handler.do_results_based_proccess(url, timesec, filename, http_request_method, injection_type, technique)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File \"handler.py", line 660, in do_results_based_proccess
    if pseudo_terminal_shell(injector, separator, maxlen, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename, technique, no_result, timesec, payload, OUTPUT_TEXTFILE, url_time_response) == None:
       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File \"handler.py", line 99, in pseudo_terminal_shell
    go_back, go_back_again = shell_options.check_option(separator, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename, technique, go_back, no_result, timesec, go_back_again, payload, OUTPUT_TEXTFILE)
                             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File \"shell_options.py", line 179, in check_option
    go_back, go_back_again = reverse_tcp_config(separator, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename, os_shell_option, go_back, go_back_again, timesec, payload, OUTPUT_TEXTFILE, technique)
                             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File \"shell_options.py", line 126, in reverse_tcp_config
    reverse_tcp.configure_reverse_tcp(separator)
  File \"reverse_tcp.py", line 573, in configure_reverse_tcp
    checks.invalid_option(option)
    ^^^^^^^^^^^^^^^^^^^^^
AttributeError: module 'src.core.injections.controller.checks' has no attribute 'invalid_option'
stasinopoulos commented 2 months ago

Fixes https://github.com/commixproject/commix/commit/94842b2c78c66ccf8460c4a6414ab29f9151958c

github-actions[bot] commented 4 weeks ago

This issue has been automatically locked due to inactivity.
Please file a new issue if you are encountering a similar or related problem.

This action has been performed automatically by a bot.