⚠️ Ruby on Rails Dynamic Render File Upload Remote Code Execution
Nachrichtenbereich: ⚠️ PoC
🔗 Quelle: packetstormsecurity.com
This Metasploit module exploits a remote code execution vulnerability in the explicit render method when leveraging user parameters. This Metasploit module has been tested across multiple versions of Ruby on Rails. The technique used by this module requires the specified endpoint to be using dynamic render paths, such as the following example: def show render params[:id] end Also, the vulnerable target will need a POST endpoint for the TempFile upload, this can literally be any endpoint. This Metasploit module doesnt use the log inclusion method of exploitation due to it not being universal enough. Instead, a new code injection technique was found and used whereby an attacker can upload temporary image files against any POST endpoint and use them for the inclusion attack. Finally, you only get one shot at this if you are testing with the builtin rails server, use caution. ...
⚠️ Ruby On Rails 5.0.1 Remote Code Execution
📈 35.91 Punkte
⚠️ PoC
⚠️ Ruby On Rails 5.0.1 Remote Code Execution
📈 35.91 Punkte
⚠️ PoC
⚠️ Ruby On Rails ActionPack Inline ERB Code Execution
📈 31.65 Punkte
⚠️ PoC
⚠️ Ruby On Rails ActionPack Inline ERB Code Execution
📈 31.65 Punkte
⚠️ PoC