ImageMagick 漏洞利用方式及分析 | 天融信阿尔法实验室
Tags
| attack-pattern: | Python - T1059.006 |
Common Information
| Type | Value |
|---|---|
| UUID | aaea8465-fdf5-4ee2-af8a-8fc685c21b7d |
| Fingerprint | 2edf3d741c64614 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Jan. 1, 2023, midnight |
| Added to db | Jan. 18, 2023, 7:41 p.m. |
| Last updated | Nov. 13, 2024, 12:45 a.m. |
| Headline | ImageMagick 漏洞利用方式及分析 |
| Title | ImageMagick 漏洞利用方式及分析 | 天融信阿尔法实验室 |
| Detected Hints/Tags/Attributes | 8/1/18 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | http://blog.topsec.com.cn/ad_lab/imagemagick- |
| Details | Source | http://blog.topsec.com.cn/imagemagick- |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 17 | cve-2016-3714 |
|
| Details | CVE | 2 | cve-2016-3718 |
|
| Details | CVE | 2 | cve-2016-3715 |
|
| Details | CVE | 1 | cve-2016-3716 |
|
| Details | CVE | 1 | cve-2016-3717 |
|
| Details | File | 1 | 问题出现在文件名传入imagemagick中的配置文件delegates.xml |
|
| Details | File | 1 | 也就是delegates.xml |
|
| Details | File | 1 | 在delegates.xml |
|
| Details | File | 1 | 过程中支持用户处理图片并使用默认的配置delegates.xml |
|
| Details | File | 1 | 或者policy.xml |
|
| Details | File | 1 | 然后创建一个tex文件delete.txt |
|
| Details | File | 1 | 在转换mvg图片到达删除delete.txt |
|
| Details | File | 1 | 同时写msl.txt |
|
| Details | File | 3 | image.gif |
|
| Details | File | 71 | shell.php |
|
| Details | File | 1 | 和msl.txt |
|
| Details | File | 1 | 那么我们在delegates.xml |
|
| Details | File | 4 | policy.xml |