Remote Code Execution because of an image source? Is it Possible? Yes! Definitely. Here in this blog post, a Strynx team member found a variation of Remote Code Execution AKA RCE through ImageMagick which earned him a generous bounty of $5000. Amazingly, some tweaks inside the image source exfiltrated the data over DNS (also called side-channel attacks). Let’s see how was it done after a short introduction to ImageMagick.
One of the world’s largest cryptocurrency site was hacked by the Strynx team to find a flaw exposing multiple vulnerabilities that could lead loss of millions of dollars. One of the team members shared his point of views on how we discovered such a critical issue involving data of millions of users. Here’s on how we discovered this: