Skip to content

Instantly share code, notes, and snippets.

@Zapotek

Zapotek/sinatra_introspector_app.rb

Created January 8, 2024 08:20
Show Gist options
  • Save Zapotek/a48728ae5b2aec5056c6e6541801bfff to your computer and use it in GitHub Desktop.
Save Zapotek/a48728ae5b2aec5056c6e6541801bfff to your computer and use it in GitHub Desktop.
Download ZIP
Raw
sinatra_introspector_app.rb
require 'scnr/introspector'
require 'sinatra/base'
class MyApp < Sinatra::Base
use SCNR::Introspector, scope: {
path_start_with: __FILE__
}
def noop
end
def process_params( params )
noop
params.values.join( ' ' )
end
get '/' do
@instance_variable = {
blah: 'foo'
}
local_variable = 1
<<EOHTML
#{process_params( params )}
<a href="?v=stuff">XSS</a>
EOHTML
end
run!
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment