Skip to content

Instantly share code, notes, and snippets.

View bachue's full-sized avatar

Bachue Zhou bachue

104 followers · 23 following
View GitHub Profile
@bachue
bachue / rubykaigi2013.md
Created June 5, 2013 02:51 — forked from yhara/rubykaigi2013.md
@bachue
bachue / rails_rce.rb
Last active December 10, 2015 23:08 — forked from postmodern/rails_rce.rb
#!/usr/bin/env ruby
#
# Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0156)
#
# ## Advisory
#
# https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
#
# ## Caveats
#
@bachue
bachue / rails_sqli.rb
Created January 10, 2013 23:52 — forked from postmodern/rails_sqli.rb
#!/usr/bin/env ruby
#
# Proof-of-Concept exploit for Rails SQL Injection (CVE-2013-0156)
#
# ## Advisory
#
# https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
#
# ## Caveats
#
@bachue
bachue / rails_jsonq.rb
Created January 10, 2013 23:52 — forked from postmodern/rails_jsonq.rb
#!/usr/bin/env ruby
#
# Proof-of-Concept exploit for Rails Unsafe Query Generation (CVE-2013-0155)
#
# ## Advisory
#
# https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/t1WFuuQyavI
#
# ## Synopsis
#
@bachue
bachue / rails_dos.rb
Last active December 10, 2015 23:08 — forked from postmodern/rails_dos.rb
#!/usr/bin/env ruby
#
# Proof-of-Concept exploit for Rails DoS (CVE-2013-0156)
#
# ## Advisory
#
# https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
#
# ## Synopsis
#