
CVE-2024-41817 PoC — Arbitrary Code Execution in `AppImage` version `ImageMagick`

Source
Associated Vulnerability
Title: Arbitrary Code Execution in `AppImage` version `ImageMagick` (CVE-2024-41817)
Description: ImageMagick is a free and open-source software suite used for editing and manipulating digital images. The `AppImage` version of `ImageMagick` might use an empty path when setting the `MAGICK_CONFIGURE_PATH` and `LD_LIBRARY_PATH` environment variables while executing, which might lead to arbitrary code execution by loading malicious configuration files or shared libraries from the current working directory while `ImageMagick` executes. The vulnerability is fixed in 7.1.1-36.
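The advisory text above turns on one mechanism: an empty component in a colon-separated search path (a leading or trailing `:`, or `::`) makes the dynamic loader, and ImageMagick's configuration lookup, consult the current working directory. The Python below is an added example, not code from this PoC or from ImageMagick, that audits for that condition from the defender's side: it parses the version out of a `magick -version` banner and compares it against the README's `<= 7.1.1-35` range, and it scans an environment block (the NUL-separated layout of `/proc/<pid>/environ`) for empty path components. The `SAMPLE_ENVIRON` bytes and the `/tmp/.mount_magick` paths in it are constructed for the example.

```python
import re

# Last affected release per this page's README ("<= 7.1.1-35");
# the advisory states the fix shipped in the following release.
LAST_VULNERABLE = (7, 1, 1, 35)

# Variables the advisory names: an empty component in either one makes
# the loader / ImageMagick search the current working directory.
SEARCH_PATH_VARS = ("LD_LIBRARY_PATH", "MAGICK_CONFIGURE_PATH")

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)-(\d+)")

# Constructed sample in /proc/<pid>/environ format (NUL-separated KEY=VALUE).
# Both search-path variables end in ':' -> trailing empty component.
SAMPLE_ENVIRON = (
    b"HOME=/home/user\x00"
    b"LD_LIBRARY_PATH=/tmp/.mount_magick/usr/lib:\x00"
    b"MAGICK_CONFIGURE_PATH=/tmp/.mount_magick/usr/etc/ImageMagick-7:\x00"
)


def parse_version(text):
    """Extract (major, minor, patch, release) from a `magick -version` banner
    or a bare string such as '7.1.1-35'. Returns None when no version is found."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    return tuple(int(g) for g in m.groups())


def version_is_vulnerable(text):
    """True when the parsed version is at or below LAST_VULNERABLE."""
    v = parse_version(text)
    return v is not None and v <= LAST_VULNERABLE


def empty_components(value):
    """Indices of empty entries in a colon-separated search path.
    A leading ':', a trailing ':' or '::' each produce one; an unset or
    entirely empty variable is treated as 'no search path' and reported clean."""
    if not value:
        return []
    parts = value.split(":")
    return [i for i, p in enumerate(parts) if p == ""]


def parse_environ_blob(data):
    """Turn NUL-separated KEY=VALUE bytes (as read from /proc/<pid>/environ)
    into a dict; malformed entries without '=' get an empty value."""
    env = {}
    for entry in data.split(b"\x00"):
        if not entry:
            continue
        key, _, val = entry.decode("utf-8", "replace").partition("=")
        env[key] = val
    return env


def audit_environment(env):
    """Map each search-path variable to the indices of its empty components.
    Variables that are unset or clean are omitted, so {} means no finding."""
    findings = {}
    for name in SEARCH_PATH_VARS:
        idx = empty_components(env.get(name))
        if idx:
            findings[name] = idx
    return findings


if __name__ == "__main__":
    env = parse_environ_blob(SAMPLE_ENVIRON)
    for var, positions in audit_environment(env).items():
        print(f"{var}: empty component(s) at index {positions} -> CWD is searched")
    banner = "Version: ImageMagick 7.1.1-35 Q16-HDRI x86_64"
    print("version vulnerable:", version_is_vulnerable(banner))
```

The version check applies the README's `<= 7.1.1-35` comparison literally. Because the AppImage launcher itself constructs the unsafe variables at start-up, cleaning the parent shell's environment is not a fix; the audit tells you whether a running process has already been handed a search path containing the current directory, and the remedy is the fixed release.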
Description
CVE-2024-41817 POC ImageMagick <= 7.1.1-35 Arbitrary Code Execution
Readme
# ImageMagick Arbitrary Code Execution (CVE-2024-41817)

Proof of Concept exploit for ImageMagick versions <= 7.1.1-35 allowing arbitrary code execution via malicious XML delegation.

## Description

This exploit takes advantage of a vulnerability in ImageMagick that allows arbitrary code execution through specially crafted libraries. The script can:

- Detect vulnerable ImageMagick versions
- Generate malicious payloads
- Automatically deploy and execute the exploit

## Requirements

- Python 3.11+
- GCC >= 9.4.0
- Python packages:
  - paramiko

## Installation

```bash
git clone https://github.com/Dxsk/CVE-2024-41817-poc/
cd CVE-2024-41817-poc
pip install -r requirements.txt
```

## Usage

### Auto-detect vulnerable version:
```bash
python3 exploit.py -H <target> -p <port> -u <user> -P <password> -d
```

### Build payload only:
```bash
python3 exploit.py -c "command" -B
```

### Full auto mode (detect, build and deploy):
```bash
python3 exploit.py -c "command" -H <target> -p <port> -u <user> -P <password> -A
```

### Options:
- `-c, --command`: Command to execute (default: "id")
- `-H, --host`: Target host
- `-p, --port`: SSH port (default: 22)
- `-u, --username`: SSH username
- `-P, --password`: SSH password
- `-d, --detection`: Auto-detect whether the target's ImageMagick is a vulnerable version
- `-B, --build`: Only build the payload
- `-A, --auto`: Full auto mode
- `-v, --verbose`: Verbose output

## Tested On
- Ubuntu 22.04.5 LTS
- ImageMagick 7.1.1-35

## Author
- Daihyxsk
- Github: https://github.com/Dxsk

## References
- [ImageMagick Security Advisory](https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8rxc-922v-phg8)
- CVE: CVE-2024-41817

## Disclaimer
This tool is for educational purposes only. Use it only against systems you have permission to test.
File Snapshot

[4.0K] /data/pocs/b586804b13e44bb940d267639e87e8b674f5e2ac
├── [ 15K] exploit.py
├── [1.7K] README.md
└── [   9] requirements.txt

0 directories, 3 files