PoC details: c132e75ede117f97fdbb4f24ed985887e57c11f8

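Source
Related vulnerability
Title: Ruby on Rails input validation error vulnerability (CVE-2013-0156)
Description: Ruby on Rails is an open-source web application framework based on the Ruby language, developed by the Rails team in the United States. Ruby on Rails contains an input validation vulnerability that stems from not properly restricting the conversion of string values, allowing remote attackers to perform injection and execute arbitrary code.
Description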
This script is specifically designed to solve the challenge on PentesterLab for the CVE-2013-0156 exploit
Introduction
# Original Script Reference
For more details on the original exploit script, refer to the gist: [CVE-2013-0156](https://gist.github.com/postmodern/4499206).

# CVE-2013-0156 Exploit Script
This script is specifically designed to solve the challenge on **PentesterLab** for the CVE-2013-0156 exploit. You can access the challenge here: [PentesterLab - CVE-2013-0156 Challenge](https://pentesterlab.com/exercises/cve-2013-0156).

This Python script is designed to exploit the **CVE-2013-0156** vulnerability, a critical **remote code execution (RCE)** issue in Ruby on Rails applications caused by insecure deserialization of YAML objects. The vulnerability allows an attacker to inject arbitrary code through a crafted YAML payload, leading to code execution on the target server.

## Features

- **Payload Injection**: The script sends a crafted XML payload to the target URL, exploiting the deserialization vulnerability in vulnerable Rails applications (Rails 2.x and 3.x).
- **Customizable Target Version**: Supports specifying whether the target is Rails 2.x or 3.x, allowing more control over payload format.
- **Formatted Output**: The script presents a well-structured and visually appealing output with color-coded request and response details, making it easy to track the exploit's status and response.
- **Success Notification**: Upon successful exploitation, the script notifies the user that the exploit has been executed successfully.
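
From the defender's side, requests like the one described under Payload Injection stand out because the XML body asks the Rails parameter parser to cast a value with `type="yaml"` or `type="symbol"`. The following is an added example, not part of the original script: a Python check for logged or proxied request bodies, where the function names and sample bodies are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Casts that must never be applied to untrusted XML parameters.
DANGEROUS_TYPES = {"yaml", "symbol"}
# Pattern fallback for bodies we refuse to parse or cannot parse.
ATTR_RE = re.compile(r"""\btype\s*=\s*["']\s*(yaml|symbol)\s*["']""", re.I)


def is_xml_content_type(content_type):
    """True for application/xml, text/xml and any +xml media type."""
    media = content_type.split(";", 1)[0].strip().lower()
    return media in ("application/xml", "text/xml") or media.endswith("+xml")


def pattern_hits(body):
    """Regex-only scan; the element name is unknown, so report it as '?'."""
    return sorted({("?", m.group(1).lower()) for m in ATTR_RE.finditer(body)})


def find_dangerous_casts(content_type, body):
    """Return sorted (element, cast) pairs asking for a YAML or Symbol cast."""
    if not is_xml_content_type(content_type):
        return []
    # Do not feed DTDs to the parser (entity-expansion risk in the scanner).
    if "<!DOCTYPE" in body.upper() or "<!ENTITY" in body.upper():
        return pattern_hits(body)
    try:
        root = ET.fromstring(body)
    except ET.ParseError:
        return pattern_hits(body)  # truncated or malformed body
    hits = set()
    for elem in root.iter():
        cast = elem.get("type", "").strip().lower()
        if cast in DANGEROUS_TYPES:
            hits.add((elem.tag, cast))
    return sorted(hits)


# Constructed sample requests (content type, body); the YAML value is inert.
SAMPLES = [
    ("application/xml", '<user><name type="yaml">--- placeholder</name></user>'),
    ("text/xml; charset=utf-8", '<user><role type="symbol">admin</role></user>'),
    ("application/xml", '<user><age type="integer">30</age></user>'),
    ("application/json", '{"type": "yaml"}'),
    ("application/xml", '<user><name type="yaml">--- x</name'),
]

if __name__ == "__main__":
    for ctype, body in SAMPLES:
        print(ctype, "->", find_dangerous_casts(ctype, body) or "clean")
```

A non-empty result is a signal to block or alert on the request; the regex fallback deliberately over-reports on malformed bodies rather than letting them pass unparsed.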

## Usage

### Installation

Make sure you have the required Python packages installed by running:

```bash
pip install requests colorama pyyaml
```

### Running the Script

```bash
python exploit.py <URL> <PAYLOAD> [rails3|rails2] [--show]
```

### Example

```bash
  python exploit.py http://example.com/payload example_payload rails3 --show
```
------
## Example Output
Upon successful execution, the script will display a color-coded output with the following sections:

- **Request**: Shows the URL, headers, and the XML payload being sent.
- **Response**: Displays the status code and the response body (truncated for large responses).
- **Success/Failure Notification**: Notifies you if the exploit was successful or if any error occurred.

## Important Notes

- **Use Responsibly**: This script is designed for educational purposes and should only be used on systems you have permission to test. Unauthorized exploitation of this vulnerability is illegal and unethical.
- **Rails Versions**: This script supports Rails 3.x and 2.x. Ensure the target is running a vulnerable version of Rails before attempting the exploit.

File snapshot

```
[4.0K] /data/pocs/c132e75ede117f97fdbb4f24ed985887e57c11f8
├── [5.8K] cve-2013-0156.py
└── [2.5K] README.md

0 directories, 2 files
```