On 01/10/2013 12:15 PM, Jozef Zigmund wrote:
"This module exploits a remote code execution vulnerability in the XML
request processor of the Ruby on Rails application framework. This
vulnerability allows an attacker to instantiate a remote object, which
in turn can be used to execute any ruby code remotely in the context of
the application." - from the exploit's code [1]
Full description and all paths for exploitation: [2]
Summary of all current RoR exploits: [3]
[1] - https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/rails_xml_yaml_code_exec.rb
[2] - https://community.rapid7.com/community/metasploit/blog/2013/01/09/serialization-mischief-in-ruby-land-cve-2013-0156?x=1
[3] - http://ronin-ruby.github.com/blog/2013/01/09/rails-pocs.html
--
Jozef
The patches [1] are on the way.
[1] - https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/61bkgvnSGTQ
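
For hosts still waiting on those patches, a request-side check for the XML type attributes behind CVE-2013-0156 (`yaml` and `symbol`) can be run over logged or proxied request bodies. This is an added example, not code from the thread or from Rails; the function names and the sample requests are constructed for illustration.

```ruby
# Added example: flag XML request bodies that ask the parameter parser for
# YAML or Symbol typecasting. Names and samples are constructed.

RISKY_TYPES = %w[yaml symbol].freeze

# Matches type="..." or type='...' on any element, capturing the raw value.
TYPE_ATTR = /\btype\s*=\s*(["'])(.*?)\1/m

# Decode numeric character references (&#121; or &#x79;) so an encoded
# "yaml" is compared in the form an XML parser would hand to the framework.
def decode_char_refs(value)
  value.gsub(/&#(x[0-9a-fA-F]+|\d+);/) do
    ref = Regexp.last_match(1)
    code = ref.start_with?("x") ? ref[1..-1].to_i(16) : ref.to_i
    code.between?(1, 0x10FFFF) ? [code].pack("U") : ""
  end
end

# Returns the risky type values found in one request, or [] if none.
def risky_xml_types(content_type, body)
  # Deliberately broad: any media type containing "xml" is inspected.
  return [] unless content_type.to_s.downcase.include?("xml")
  body.to_s.scan(TYPE_ATTR)
      .map { |_quote, raw| decode_char_refs(raw) }
      .select { |type| RISKY_TYPES.include?(type) }
      .uniq
end

# Constructed sample requests: [Content-Type, body]. Bodies hold placeholders only.
SAMPLES = {
  "benign"  => ["application/xml", '<user><age type="integer">30</age></user>'],
  "yaml"    => ["text/xml", '<user><name type="yaml">placeholder</name></user>'],
  "encoded" => ["application/xml", "<user><name type='&#121;aml'>placeholder</name></user>"],
  "json"    => ["application/json", '{"type":"yaml"}']
}.freeze

SAMPLES.each do |name, (content_type, body)|
  hits = risky_xml_types(content_type, body)
  puts format("%-8s %s", name, hits.empty? ? "ok" : "ALERT #{hits.join(',')}")
end
```

A match is a reason to inspect the request and the host; the check does not replace applying the patched Rails release.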