mando.me's Issues

Query:

Just glanced over the code, nice job, looks very good overall, though I was curious as to why you went with Python2, not Python3?

Other input types issues

Hi!
I have just tested your script and I have found issues with input types other than JSON.

Burp suite request snapshot:

POST /bWAPP/commandi.php HTTP/1.1
Host: <IP>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://<IP>/bWAPP/commandi.php
Content-Type: application/x-www-form-urlencoded
Content-Length: 30
Connection: close
Cookie: security_level=1; PHPSESSID=2871ed8afbfcd800836a8111df1522da
Upgrade-Insecure-Requests: 1

target=www.nsa.gov&form=submit

command: ./mando.me.py --url "http://<IP>/bWAPP/commandi.php" --cookie "http://<IP>/bWAPP/commandi.php" --post "target=_INJECT_&form=submit"

Logs:

[*] Testing different injection techniques
 [*] METHOD: Result based injection

 [-] Something went wrong. Terminating program.


Traceback (most recent call last):
 File "./mando.me.py", line 2339, in <module>
   if __name__ == "__main__": main(sys.argv[1:])
 File "./mando.me.py", line 2259, in main
   CommandInjector.init()
 File "./mando.me.py", line 1945, in init
   CommandInjector.exploit()
 File "./mando.me.py", line 2151, in exploit
   if technique() and not _gs["url_stager"] == None:
 File "./mando.me.py", line 2034, in technique_result_based
   if _placeholder == interactor("echo " + _placeholder).strip():
 File "./mando.me.py", line 2013, in interactor
   request = urllib.request.Request(url, headers=urllib.parse.urlencode(json.loads(_gs["post"].replace("'", "\"").replace("_INJECT_", "\"" + special + command + "\""))))
 File "/usr/lib/python3.7/json/__init__.py", line 348, in loads
   return _default_decoder.decode(s)
 File "/usr/lib/python3.7/json/decoder.py", line 337, in decode
   obj, end = self.raw_decode(s, idx=_w(s, 0).end())
 File "/usr/lib/python3.7/json/decoder.py", line 355, in raw_decode
   raise JSONDecodeError("Expecting value", s, err.value) from None
json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0)
None

Tested on: python 2.7.17 and 3.7.6

Please take a look at that, if you are still working on this tool :)
