Rails 'params' #2 tháng 1 10, 2013 No comments I discovered [1, nil] attack, but while i was checking unsafe query generation and DoS with symbols people on twitter found RCE for YAML through instancing some class that will eventually eval attribute from user input! Sweet!IMHO this article is best on topic, and explains the whole chain of exploitation.I told you, didn't i? Share This: Facebook Twitter Google+ Stumble Digg Gửi email bài đăng nàyBlogThis!Chia sẻ lên XChia sẻ lên Facebook
0 nhận xét:
Đăng nhận xét