CVE-2020-8165 PoC — Ruby on Rails 代码问题漏洞

Source

https://github.com/AssassinUKG/CVE-2020-8165

Associated Vulnerability

Title:Ruby on Rails 代码问题漏洞 (CVE-2020-8165)
Description:Ruby on Rails是Rails团队的一套基于Ruby语言的开源Web应用框架。 Ruby on Rails 5.2.5之前版本和6.0.4之前版本中存在代码问题漏洞。攻击者可利用该漏洞将不受信任的Ruby对象注入到Web应用程序，执行代码或造成其他危害。

Readme

# CVE-2020-8165.py

A shell for CVE-2020-8165 exploit: https://github.com/masahiro331/CVE-2020-8165

![](/assets/cve.png)

## Usage:
CVE-2020-8165.py IP IP:PORT
```
CVE-2020-8165.py 2.3.2.3 10.10.10.10:4444
```

File Snapshot


 [4.0K]  /data/pocs/d98820da616535a3f8b9b9c13bac2b3ec3667ffb
├── [4.0K]  assets
│   ├── [   1]  a
│   └── [ 10K]  cve.png
├── [4.6K]  CVE-2020-8165.py
└── [ 213]  README.md

1 directory, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!