## https://sploitus.com/exploit?id=9FACC4B9-7CEF-5DA5-A8E3-D763C26D6941
# CVE-2022-44268-automated
CVE-2022-44268 ImageMagick Arbitrary File Read - Proof of Concept exploit
ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it).
Clone
```
git clone https://github.com/PanAdamski/CVE-2022-44268-automated.git
```
run
```
python3 automated.py /etc/passwd
```
The script was written to automatically process images on the DockMagic machine from the TryHackme platform, but if someone needs to use it for HackThebox Pilgrimage/Meta or for a real pentest scenario then the code is really easy to rewrite