Tweets

1. @_shyam » 04 Feb '13, 4am

   Rails security [link]
2. @sec_prof » 30 Jan '13, 9pm

   This is great info on the Rails PoC for recent vulnerabilities [link]
3. @postmodern_mod3 » 29 Jan '13, 5am

   @OSVDB @jjarmoc also if you want more technical details how the vuln is triggered: https://t.co/Cvya37t5 [link]
4. @thibaut_barrere » 15 Jan '13, 4pm

   @raganwald Metasploit on OS X on Rails; see [link] (and others in the git repo). Also, I like ronin [link]
5. @skeuomorf » 15 Jan '13, 9am

   RT @dragosr: Don't forget the RubyOnRails bug. It's probably a way bigger deal than the Java issues. [link]
6. @dragosr » 15 Jan '13, 9am

   Don't forget the RubyOnRails bug. It's probably a way bigger deal than the Java issues. [link]
7. @rails_rt_ja » 15 Jan '13, 1am

   RT @ra_moo_t: ほむほむ・・・ / “Ronin - Rails PoC exploits for CVE-2013-0156 and CVE-2013-0155” [link]
8. @ra_moo_t » 15 Jan '13, 12am

   ほむほむ・・・ / “Ronin - Rails PoC exploits for CVE-2013-0156 and CVE-2013-0155” [link]
9. @mikewadhera » 14 Jan '13, 6pm

   Good explanation & proof of concept of recent Ruby on Rails remote code execution security vunerability [link]
10. @sr_valeriano » 14 Jan '13, 11am

    Ronin - Rails PoC exploits for CVE-2013-0156 and CVE-2013-0155 [link] (via Instapaper)
11. @matias_baruch » 12 Jan '13, 6pm

    Los bugs en Rails: [link]
12. @neverett » 11 Jan '13, 9pm

    Ruby on Rails developers, please read: [link]
13. @geovedi » 11 Jan '13, 1pm

    RT @joernchen: Nice writeup on the recent RoR vulns [link]
14. @joernchen » 11 Jan '13, 1pm

    Nice writeup on the recent RoR vulns [link]
15. @naneau » 11 Jan '13, 1pm

    On the recent Ruby on Rails vulnerabilities: [link]
16. @rails_rt_ja » 11 Jan '13, 12pm

    RT @suffer_Yukimori: ちなみに、原理はこちら。 [link] 説明みても僕には良く分からない…
17. @suffer_Yukimori » 11 Jan '13, 11am

    ちなみに、原理はこちら。 [link] 説明みても僕には良く分からない…
18. @roidrage » 11 Jan '13, 9am

    [link] and [link] it is! Thanks @badboy_ and @benediktdeicke!
19. @badboy_ » 11 Jan '13, 9am

    @roidrage One of these? [link]
20. @netebe » 11 Jan '13, 9am

    Взгляд с другой стороны - эпичные рельсы [link]
21. @caseyjohnellis » 11 Jan '13, 9am

    RT @h0meless: And the Rails exploits start flying in... [link]
22. @g4l4drim » 11 Jan '13, 8am

    RT @unixfreaxjp: #Threat Info - Ruby on Rails Vulnerability Leads to Servers Remote Command Execution (Sucuri) [link] PoC: [link]
23. @h0meless » 11 Jan '13, 7am

    And the Rails exploits start flying in... [link]
24. @gautamrege » 11 Jan '13, 6am

    Excellent post about Rails exploits [link]
25. @unixfreaxjp » 11 Jan '13, 4am

    #Threat Info - Ruby on Rails Vulnerability Leads to Servers Remote Command Execution (Sucuri) [link] PoC: [link]
26. @KarlRanseier » 10 Jan '13, 11pm

    RT @Hfuhs: Rails PoC exploits for CVE-2013-0156 and CVE-2013-0155 - [link]
27. @JadedAidan » 10 Jan '13, 9pm

    Glad I patched up all my servers.... [link]
28. @practicingruby » 10 Jan '13, 9pm

    @peeja It has been exploitable in very version of Rails for years. But it's an obscure bug that was found indirectly: [link]
29. @x0rz » 10 Jan '13, 7pm

    RoR webapp vulns [link]
30. @mdranta » 10 Jan '13, 7pm

    @indigirl that was mainly aimed at you, also see: [link]
31. @Noxbru » 10 Jan '13, 7pm

    explicación de las recientes vulnerabilidades de Ruby on Rails [link]
32. @Rinaldi2pt0 » 10 Jan '13, 7pm

    If you don't want your Rails apps to get a colonoscopy, patch them (CVE-2013-0156 and CVE-2013-0155 via Ronin) [link]
33. @realytcracker » 10 Jan '13, 7pm

    ruby on rails is super Oh exploitable! [link] thank you based god
34. @Glesec » 10 Jan '13, 7pm

    Rails PoC #exploits for CVE-2013-0156 and CVE-2013-0155 | Ronin [link] #RoR #ZeroDay #0day
35. @danielmsantana » 10 Jan '13, 6pm

    RT @RSnake: Yup, Rails vuln in full effect: [link]
36. @RSnake » 10 Jan '13, 6pm

    Yup, Rails vuln in full effect: [link]
37. @gabemarshall » 10 Jan '13, 6pm

    Update your Rails apps, POC exploits are out. [link] #websec #webdev #rubyonrails
38. @ermouth » 10 Jan '13, 6pm

    Рельсы дырявые совсем [link] Я в своё время на них смотрел – и "невзял"из-за кастрюли с макаронами вместо API.
39. @juanger_ » 10 Jan '13, 5pm

    "Rails PoC exploits for CVE-2013-0156 and CVE-2013-0155" [link] - recommended via @Prismatic
40. @neliojrr » 10 Jan '13, 4pm

    RT @fnando: Ronin - Rails PoC exploits for CVE-2013-0156 and CVE-2013-0155 ~ [link]
41. @ericness » 10 Jan '13, 4pm

    detailed explination of how the ruby on rails exploit works - [link]
42. @bogotaconf » 10 Jan '13, 3pm

    Salieron los exploits para las vulnerabilidades encontradas en Rails [link]
43. @kcqon » 10 Jan '13, 3pm

    Latest Rails vulnerabilities are now exploitable with Metasploit ( [link] ) and Ronin ( [link] ) too
44. @airizon » 10 Jan '13, 3pm

    RT @ChrisJohnRiley: [SuggestedReading] Rails PoC exploits for CVE-2013-0156 and CVE-2013-0155 [link]
45. @jjarmoc » 10 Jan '13, 3pm

    RT @miscsecurity: Rails PoC exploits for CVE-2013-0156 and CVE-2013-0155 [link]
46. @superninjarobot » 10 Jan '13, 3pm

    Here's a detailed PoC for the Rails CVE issue. (Notice this is a Rails bug, not YAML bug, unlike some claims.) [link]
47. @dobacco » 10 Jan '13, 3pm

    Mmm pocs are out [link]
48. @kritikal » 10 Jan '13, 2pm

    Rails Parameter Parsing Exploit Explained - [link]
49. @MelGallagherNYC » 10 Jan '13, 2pm

    RT @tek_news: HNews: Rails PoC exploits for CVE-2013-0156 and CVE-2013-0155 [link] #ror
50. @tek_news » 10 Jan '13, 2pm

    HNews: Rails PoC exploits for CVE-2013-0156 and CVE-2013-0155 [link] #ror