CVE-2016-3714 PoC — ImageMagick Input Validation Error Vulnerability

Associated Vulnerability
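Title: ImageMagick Input Validation Error Vulnerability (CVE-2016-3714)
Description: ImageMagick is an open-source image processing suite from ImageMagick (USA). It can read, convert, and write images in many formats. ImageMagick versions before 6.9.3-10 and 7.x versions before 7.0.1-1 contain an input validation error vulnerability, which stems from the program not sufficiently filtering shell characters passed in by the user. An attacker can exploit it by uploading a malicious image to execute arbitrary code and obtain sensitive information.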
Description
ImageMagick Code Execution (CVE-2016-3714)
Readme
# CVE-2016-3714
ImageMagick Code Execution (CVE-2016-3714)<br/>
<br/>
imagick_builder.py = Simple Payload Builder to Exploit CVE-2016-3714<br/>
imagick_bypass_shell.php = PHP based web shell leveraging the PHP imagick extension wrapper to bypass disabled functions<br/>
<br/>
Few Images of things working:<br/>
Payload Builder:<br/>
<img src="http://i.imgur.com/NIfEgvp.png"><br/>
imagick payload vs vBulletin 4.x w/ImageMagick Enabled:<br/>
<img src="http://i.imgur.com/BNRIaSw.png"><br/>
server side after payload triggers:<br/>
<img src="http://i.imgur.com/IYvPbfx.png"><br/>
<br/>
<br/>
Web Shell:<br/>
Command Execution:<br/>
<img src="http://i.imgur.com/tZtJX7l.png"><br/>
File Read:<br/>
<img src="http://i.imgur.com/lAwTrb1.png"><br/>
<br/>
<br/>
File Snapshot

[4.0K] /data/pocs/977852d46a44f2f38f9b2d3406673e760bbc198d
├── [4.0K] classes
│   ├── [ 11K] colors.py
│   ├── [ 11K] colors.pyc
│   ├── [ 0] __init__.py
│   └── [ 137] __init__.pyc
├── [ 11K] imagick_builder.py
├── [6.2K] imagick_bypass_shell.php
└── [ 755] README.md

1 directory, 7 files