Summary:
HackerOne’s image upload is using ImageMagick to convert/resize images and is likely updated. Thus, it’s vulnerable to CVE-2022-44268.
Description:
im-lfi.png
) as your profile picture
identify -verbose image.png
Then, copy the Raw profile type:
and decode it using any tool, or using Python, like:
python -c "print(bytes.fromhex('2c2c2c3a2f72756e2f73797374656d643a2f7573722f7362696e2f6e6f6c6f67696e0a').decode())"
I’ve attached the resized image too, which contains the content of /etc/passwd, i.e. 86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0.png
Arbitrary Remote Leak
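The manual identify-and-decode steps above, as an added example that is not part of the original report: a check a service could run on converted images before serving them, listing every `Raw profile type` text chunk together with its decoded bytes. It assumes the name/length/hex layout that ImageMagick's PNG writer uses for raw profiles; the sample PNG skeleton and its `txt` keyword are constructed, and only the hex string comes from the report.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"

def iter_chunks(data):
    """Yield (type, body) per PNG chunk; reject truncated or bad-CRC chunks."""
    if data[:8] != PNG_SIG:
        raise ValueError("not a PNG")
    pos = 8
    while pos + 12 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        end = pos + 12 + length
        if end > len(data):
            raise ValueError("truncated chunk")
        body = data[pos + 8:end - 4]
        if zlib.crc32(ctype + body) != struct.unpack(">I", data[end - 4:end])[0]:
            raise ValueError("bad CRC")
        yield ctype, body
        pos = end

def raw_profiles(data):
    """Return {keyword: decoded bytes} for each 'Raw profile type' text chunk."""
    found = {}
    for ctype, body in iter_chunks(data):
        keyword, _sep, text = body.partition(b"\x00")
        if ctype not in (b"tEXt", b"zTXt") or not keyword.startswith(b"Raw profile type"):
            continue
        if ctype == b"zTXt":  # method byte, then a zlib stream; inflate at most 1 MiB
            text = zlib.decompressobj().decompress(text[1:], 1 << 20)
        # Assumed layout: "\n<name>\n<decimal length>\n<hex, line-wrapped>\n"
        _name, size, hexdata = text.lstrip(b"\n").split(b"\n", 2)
        payload = bytes.fromhex(b"".join(hexdata.split()).decode("ascii"))
        found[keyword.decode("latin-1")] = payload[:int(size)]
    return found

def _chunk(ctype, body):
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", zlib.crc32(ctype + body))

def sample_png():
    """Constructed PNG skeleton (no pixel data) carrying the report's hex string."""
    hexstr = b"2c2c2c3a2f72756e2f73797374656d643a2f7573722f7362696e2f6e6f6c6f67696e0a"
    text = b"\ntxt\n%8d\n" % (len(hexstr) // 2) + hexstr[:36] + b"\n" + hexstr[36:] + b"\n"
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
    return (PNG_SIG + _chunk(b"IHDR", ihdr) + _chunk(b"tEXt", b"Raw profile type txt\x00" + text)
            + _chunk(b"IEND", b""))

print(raw_profiles(sample_png()))
```

A non-empty result on an image your own pipeline produced from a user upload is worth alerting on, since the converter, not the user, wrote those chunks.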