[Ciotoflow] kind of Imagemagick

Delete this message

Reply to this message
Author: ono-sendai
Date:  
To: Flussi di ciotia.
Subject: [Ciotoflow] kind of Imagemagick
Sintesi:

ImageMagick allows to process files with external libraries. This
feature is called 'delegate'. It is implemented as a system() with
command string ('command') from the config file delegates.xml with
actual value for different params (input/output filenames etc). Due to
insufficient %M param filtering it is possible to conduct shell command
injection

aggiungete il fatto che imagemagick viene usato in tantissimi siti che
permettono l'upload di immagini e vedrete l'entita della tragedia :)

Qui [0] i dettagli e qui[1] un po' di payloads che potete cercare nei vostri log
e ovviamente qui [2] la colonna sonora da ascoltare

[0] http://www.openwall.com/lists/oss-security/2016/05/03/18
[1]
https://blog.cloudflare.com/inside-imagetragick-the-real-payloads-being-used-to-hack-websites-2/
[2] https://www.youtube.com/watch?v=0p_1QSUsbsM