<img src="https://ws.zoominfo.com/pixel/hkRMM7MKhy86AAkcdZ8j" width="1" height="1" style="display: none;"> RCE by Command Line Argument Injection to 'gm convert' in '/edit/process?a=crop'

About This Walk-Through

Hacktivity Imger

Imger Application

Imger is an image sharing site where you can upload images and crop them. The website is vulnerable to a command injection attack. You will learn how to exploit this vulnerability to gain remote code execution.

Callback

Callback Listener

Learn about this command injection attack with a callback to collect data from the vulnerable target. HackEDU's lesson will walk you through step by step teaching you about the vulnerability and how to leverage a callback to recieve output from the system.

Hack the Sandbox for Free

Try Sandbox Free

Learn more about our Secure Development Training for Developers

Learn More