11 Aug '13, 5pm

Ruby on Rails Known Secret Session Cookie Remote Code Execution #exploit

This Metasploit module implements remote command execution on Ruby on Rails applications. Prerequisite is knowledge of the "secret_token" (Rails 2/3) or "secret_key_base" (Rails 4). The values for those can be usually found in the file "RAILS_ROOT/config/initializers/secret_token.rb". The module achieves RCE by deserialization of a crafted Ruby Object.

Full article: http://packetstormsecurity.com/files/122776

Tweets

#PacketStorm Ruby on Rails Known Secret Session...

packetstormsecurity.com 11 Aug '13, 6pm

This Metasploit module implements remote command execution on Ruby on Rails applications. Prerequisite is knowledge of the...

Ruby on Rails Known Secret Session Cookie Remot...

cxsecurity.com 12 Aug '13, 6am

Ruby on Rails Known Secret Session Cookie Remote Code Execution

Ruby on Rails Known Secret Session Cookie Remot...

exploit-db.com 12 Aug '13, 4pm

## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Ple...

[remote exploits] - Ruby on Rails Known Secret ...

1337day.com 11 Aug '13, 6pm

Inj3ct0r is the ultimate database of exploits and vulnerabilities and a great resource for vulnerability researchers and s...

#freelance #loker Blog website in Ruby On Rails...

freelancer.co.id 11 Aug '13, 7am

I need blog website similar to http://www.androidpit.com/, in Ruby on Rails. I need this done in Rails 3. I will be deploy...

A startup template for Ruby on Rails 4 applicat...

thechangelog.com 13 Aug '13, 4pm

Way back in January, I wrote a blog post called “Rails has two default stacks” . In it, I discussed how people like to cus...

Some things to watch for on the upgrade to Rail...

pivotallabs.com 10 Aug '13, 6pm

During our migration to Rails 4 we heavily relied on our test suite. We experienced some unexpected behavior when running ...

#freelance Do you know Git, Ruby, Rails, jQuery...

freelancer.com 11 Aug '13, 7pm

Project Description: I need real coders who are 100% responsible, work fast and can help me put together an awesome websit...

Migrate Rails App from v2 to v4 by tomhost: We ...

freelancer.com 11 Aug '13, 8pm

We have a Ruby on Rails application which was originally developed on v2 of the framework. A lot of time has passed and th...

#RubyOnRails Ruby On Rails Developer - repost b...

freelancer.com 11 Aug '13, 5pm

Project Description: To be consider, you will have excellent ruby development skills and talent in application design. - E...

Ruby on Rails with Nitrous.io

rubyflow.com 12 Aug '13, 1am

Nitrous.io is a hosted development environment with a web browser IDE. You can actually do coding without any files on you...

¡Nuevo vídeo tutorial de Ruby on Rails!

youtube.com 21 Aug '13, 3pm

Close Your browser is not supported by YouTube and it needs to be updated. Learn more . Advertisement Personalizando Devis...

Starbucks' Secret Menu? (customized drinks)

Starbucks' Secret Menu? (customized drinks)

soshiok.com 13 Aug '13, 1pm

Singapore, August 13, 2013 By Lisa Oon, My Paper Raspberry cheesecake frappuccino, tuxedo mocha, and chocolate pumpkin lat...