Adam Baldwin evilpacket

## all.txt

.
..
........
@
*
*.*
*.*.*
ðŸŽ

## gist:37df3bf6cd77d9553e6c
var Docker = require('dockerode');

var docker = new Docker({socketPath: '/var/run/docker.sock'});

docker.createContainer({ Image: 'ubuntu', Cmd: ['/bin/ls','/stuff'], "Volumes":{"/stuff": {}} }, function (err, container) {
  container.attach({stream: true, stdout: true, stderr: true, tty: true}, function (err, stream) {
    stream.pipe(process.stdout);

    container.start({"Binds":["/home/vagrant:/stuff"]}, function (err, data) {
      console.log(data);

## rails_rce.rb
#!/usr/bin/env ruby
#
# Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0156)
#
# ## Advisory
#
#   https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
#
# ## Caveats
#
	var Docker = require('dockerode');

	var docker = new Docker({socketPath: '/var/run/docker.sock'});

	docker.createContainer({ Image: 'ubuntu', Cmd: ['/bin/ls','/stuff'], "Volumes":{"/stuff": {}} }, function (err, container) {
	container.attach({stream: true, stdout: true, stderr: true, tty: true}, function (err, stream) {
	stream.pipe(process.stdout);

	container.start({"Binds":["/home/vagrant:/stuff"]}, function (err, data) {
	console.log(data);
	#!/usr/bin/env ruby
	#
	# Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0156)
	#
	# ## Advisory
	#
	# https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
	#
	# ## Caveats
	#