»

CVE-2012-2661: ActiveRecord SQL injection

CVE-2012-2661: ActiveRecord SQL injection

Difficulty

Advanced

Details

This exercise explains how you can exploit CVE-2012-2661 to retrieve information from a database.

What you will learn?

  • Exploiting CVE-2012-2661
  • Time based SQL injections

Requirements

  • A computer with a virtualisation software
  • A basic understanding of HTTP
  • A basic understanding of Ruby
  • Yes, that's it!

Download