Ruby Security Field Guide

YAML Level 2

Welcome to Level 2 of the YAML deserialization exploitation exercises! This challenge follows in a similar format to the first. Pull down the workshop files detailed below, run the same series of setup steps, and see if you can modify the exploitation file appropriately to get remote code execution on the remote rails app. You should note that this rails app.rb file is slightly different than the first exercise.

Installation Steps

    $ gem install bundler
    $ bundle install
    $ ./app.rb &
    $ ./exploit.rb <command>

Level 2 Files