TIOBE Index News (April 2024): PHP’s Popularity Declining
The top three programming languages – C++, C and Python – remain the same, while Fortran rises. Continue reading TIOBE Index News (April 2024): PHP’s Popularity Declining
A new report promotes preventing cyberattacks by using memory-safe languages and the development of software safety standards. Continue reading White House Recommends Memory-Safe Programming Languages and Security-by-Design
I am using the following line of code to create a reset password code sent to the user in her/his email. When my Ruby code is scanned with Brakeman, this line of code is caught and described as vulnerable.
this is the line of cod… Continue reading exploiting the scenario and how to generate a secure reset password token
I was trying to exploit the constantize method in Ruby for remote code execution. For example, I have this line of code:
@mygroups = params[:group][:type].constantize.new(params[:group])
and in the request I sent the following payload:
group%… Continue reading ruby on rails constantize exploitation
I have a vulnerability scanner that detected a security vulnerability in a particular package. Let’s call it package "D@4.0". D@4.0 is used by other dependencies, such as this:
A@1.0 > B@2.0 > C@3.0 > D@4.0.
Typically th… Continue reading How to exploit and fix dependency vulnerabilities? [closed]
Imagine if you could assume the identity of, say, Franklin Delano Roosevelt simply by showing up and calling yourself “Frank”. Continue reading RubyGems supply chain rip-and-replace bug fixed – check your logs!
I got an exception notification for a request from 92.118.39.180:61001 to: http://\localhost/admin/config.php
This is the notification:
——————————-
Request:
——————————-
* URL : http://\local… Continue reading Ruby on Rails: Request to http://\localhost/admin/config.php
In an interview with The Register, Victor Shepelev, a Ruby developer and software architect who lives in Kharkiv, Ukraine, shares his experience living in a country being invaded by Russia. He hopes that his situation will encourage international polit… Continue reading A Ruby Developer’s Life In Kharkiv, Ukraine
I was able to start a session using metasploit framework (msf6) with an android but after a while being in the session, the meterpreter session closes. Luckily however after a few seconds, another stage payload gets sent out, giving me acc… Continue reading How do I catch metasploit session scripts error code in ruby?
I want to serialize and deserialize models that contain user input. Marshal is a serialization library built into Ruby.
By design, ::load can deserialize almost any class loaded into the Ruby process. In many cases this can lead to remote… Continue reading Is Marshal.load safe for Marshal.dumped data