Skip to content

Instantly share code, notes, and snippets.

@jjarmoc

jjarmoc/gist:4661586

Last active December 11, 2015 21:19
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save jjarmoc/4661586 to your computer and use it in GitHub Desktop.
Save jjarmoc/4661586 to your computer and use it in GitHub Desktop.
Download ZIP
rails_json_yaml_code_exec Confirmed working on rails 3.0.19 and 2.3.15, both on ruby 1.9.3-p125
Raw
gistfile1.rb
MSF Module;
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/rails_json_yaml_code_exec.rb
See also;
https://gist.github.com/4660248
https://github.com/ronin-ruby/ronin-ruby.github.com/blob/master/blog/_posts/2013-01-28-new-rails-poc.md
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment