Skip to content

forced-request/rails-rce-cve-2016-0752

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
app
app
 
 
bin
bin
 
 
config
config
 
 
db
db
 
 
lib
lib
 
 
log
log
 
 
public
public
 
 
test
test
 
 
vendor/assets
vendor/assets
 
 
.gitignore
.gitignore
 
 
Gemfile
Gemfile
 
 
Gemfile.lock
Gemfile.lock
 
 
README.md
README.md
 
 
Rakefile
Rakefile
 
 
config.ru
config.ru
 
 

Repository files navigation

Exploiting CVE-2016-0752

This app serves as a vulnerable Proof of Concept for exploiting CVE-2016-0752. For more information refer to this blog post, which explains the vulnerability, the steps required to exploit, the fix, and a link to a metasploit module.

Getting Started

echo "" > log/development.log # Clear out the log file
rvm use 2.2.3
bundle
rails s

Vulnerable URL: http://localhost/users/dashboard

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

11 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages