rails – WindowsTechs.com

TIOBE Index News (April 2024): PHP’s Popularity Declining

Posted on April 12, 2024 by Megan Crouse

The top three programming languages – C++, C and Python – remain the same, while Fortran rises. Continue reading TIOBE Index News (April 2024): PHP’s Popularity Declining→

brute forcing a pseudoRandom number Generator

Posted on December 15, 2022 by hanan

was trying to brute force a random number generated by the ruby method rand which generated a random float number between 0.0 and 1.0 excluding 1.0.
so for example I have this code:
Time.now.to_s.split(//).sort_by {rand}.join

this produce… Continue reading brute forcing a pseudoRandom number Generator→

exploiting the scenario and how to generate a secure reset password token

Posted on December 14, 2022 by hanan

I am using the following line of code to create a reset password code sent to the user in her/his email. when scanned with brakeman to my ruby code, this line of code is catched and describes it as it is vulnerable.
this is the line of cod… Continue reading exploiting the scenario and how to generate a secure reset password token→

ruby on rails constantize exploitation

Posted on December 5, 2022 by hanan

I was trying to exploit the constantize method in ruby for remote code execution. for example I have this line code:
@mygroups = params[:group][:type].constantize.new(params[:group])

and in the request I sent the following payload:
group%… Continue reading ruby on rails constantize exploitation→

Rails 6 leaked secret token

Posted on June 5, 2022 by user16910689

If an attacker can obtain the value of secret_key_base in rails 6, can he achieve RCE through that, similar to https://www.exploit-db.com/exploits/27527 (applicable to rails 2-4)?

Continue reading Rails 6 leaked secret token→

Rails API Session Security and CSRF

Posted on April 9, 2022 by winens

I am doing an api with Rails(api-only). Security is so importand for me. I got 2 question.
1-) I am keeping user’s id in session[:authID], is it safe to use like this?
2-) Do i need CSRF protection for api-only? I’m using Next.js for clien… Continue reading Rails API Session Security and CSRF→

In Ruby, can request.host be trusted to differentiate between a staging environment and production?

Posted on February 17, 2022 by Prime

Let’s say I have two environments: https://qa.example.com and https://example.com. In QA, I want to allow access to something insecure, like a special route that allows logging in without a password.
What are the security concerns of check… Continue reading In Ruby, can request.host be trusted to differentiate between a staging environment and production?→

How to send a password securely as part of a GET request in rails?

Posted on January 19, 2022 by boddhisattva

I’m curious to check what could be some possibly secure and recommended ways through which I could send a password as part of a GET request in rails? Just to be explicit, we’re using HTTPS in general.
High level overview of the use case: O… Continue reading How to send a password securely as part of a GET request in rails?→

Was rails issue ever fixed – Unsafe Query Risk in Active Record?

Posted on October 28, 2021 by akostadinov

I was trying to figure out whether this issue has ever been fixed in Rails but my searches yielded nothing.

A vulnerable application will either contain columns named identically
to their table, or have column names which conflict with jo… Continue reading Was rails issue ever fixed – Unsafe Query Risk in Active Record?→

Command substitution for code execution via Ruby’s send() method

Posted on June 10, 2021 by Phil Cooper

I am working on a challenge that involves getting code execution on a Ruby application hosted on Nginx. One of the ruby controllers seems to have been using unsanitized user input as part of the send() method which leads to arbitrary code … Continue reading Command substitution for code execution via Ruby’s send() method→