Rewrite one of your YAML exploits using the ronin-support library. Some boilerplate code already exists in exploit.rb.
To test your new exploit, go back to the original YAML exploit and start its server:
$ cd ../yaml/level3/
$ ./app.rb
[2013-05-17 18:05:07] INFO WEBrick 1.3.1
[2013-05-17 18:05:07] INFO ruby 1.9.3 (2013-02-22) [x86_64-linux]
== Sinatra/1.3.5 has taken the stage on 9000 for development with backup from WEBrick
[2013-05-17 18:05:07] INFO WEBrick::HTTPServer#start: pid=4037 port=9000
Then draw your sword:
$ ./exploit.rb "puts 'lol'"
[-] Exploiting http://localhost:9000/ ...
[-] Success!
lol
Received #<Callbacks: {"REDACTED"=>[true]}>
localhost.localdomain - - [17/May/2013:18:06:16 PDT] "POST / HTTP/1.1" 200 7
- -> /
Success indeed.