Magician — Full Exploitation Walkthrough Magician is one of those boxes that looks simple at first glance but quickly turns into a layered exercise in chaining weaknesses together. What starts as a …

InfoSecWriteUps' platform is  dedicated to providing insights and resources for cybersecurity professionals and enthusiasts. Through articles, tutorials, and security research, InfoSecWriteUps offers insights into cybersecurity vulnerabilities, attack techniques, and defense strategies. Readers can learn about penetration testing, threat intelligence, and incident response to enhance their cybersecurity knowledge and skills.

InfoSec Write-ups

A full exploitation walkthrough of the 'Magician' CTF/lab machine, demonstrating a chained attack path. Starting with an ImageMagick CVE-2016-3714 (ImageTragick) vulnerability via a crafted file upload, the attacker gains a reverse shell, enumerates an internal localhost service on port 6666, pivots using Chisel tunneling, and exploits a path traversal flaw in a Flask app to achieve full file disclosure. The writeup explains why each step worked and concludes with defensive mitigations including patching ImageMagick, hardening policy.xml, securing file uploads, and protecting internal services.