Questions tagged [ruby]

51 questions
0 votes, 1 answer

How do I prevent my Rails application from attack?

My website is being nuked by new signups and new posts, some of which don't even have a user.id associated with them. How do I solve this? What code should I add to the user#new page and/or post#new page? If it would help, please check my repo:…
0 votes, 1 answer

Rails File.open(#{Rails.root}) is vulnerable to LFI?

I am performing white-box testing on a Rails application with static code analyzing tools like Brakeman, and I came across an instance where the developer is loading images using file.open. file = File.open("#{Rails.root}/app/assets/path/image.jpg") Due…
0 votes, 1 answer

Is there any need to encrypt sensitive images in a database?

I have a project that requires users to submit a photo of a driver's license as proof of identity. This image just needs to be seen once by an administrator, and has no use after their id is verified. This project uses AWS to store data. Data sent…
calyxofheld
0 votes, 2 answers

Analysing a Metasploit Exploit, can't figure out why a function is not executing

I'm studying a Metasploit exploit, vnc_keyboard_exec, and I was wondering where the function cmd_psh_payload (line 141) is defined. So I grepped through the msf/core directory on my Kali machine and found it was in /msf/core/exploit/powershell.rb. So I…
Stephane
0 votes, 1 answer

Metasploit Ruby Scripting: Problem with framework.db.creds

I am trying to access the credentials I have gathered so far with Metasploit in a Ruby-Resource script. Unfortunately I get the following error when I try to access framework.db.creds. >> framework.db.creds.each ActiveRecord::StatementInvalid:…
Kai
-2 votes, 1 answer

How to determine the number of bytes from a string with mix of "\x" and normal characters?

I was looking at this exercise and it was mentioned that the string \x1AL\xD23k\xCA\x1D\xD7 consists of 8 bytes. However, I fail to see how there are 8 bytes in the string. Shouldn't there be 7 bytes instead since \x1A would represent 1 byte and any…
Lew Wei Hao