3 Videos for CVE-2019-5418

Tier: PRO
Difficulty: Hard
Time: 1-2 Hrs.
Users completed: 497
Badge: Green Badge
CVE-2019-5418: Introduction

In this video, we delve into CVE-2019-5418 as part of the Green Badge series. We explore how Ruby on Rails uses the Accept header to serve content and examine the implications this has for security vulnerabilities.

Duration: 07:05 | Views: 717

 

CVE-2019-5418: Exploitation - part1

In this video, we explore the exploitation of CVE-2019-5418, focusing on gaining code execution through a vulnerable Ruby on Rails application. We demonstrate how to manipulate the render file functionality to access sensitive files and ultimately achieve code execution.

Duration: 12:30 | Views: 1074

 

CVE-2019-5418: Exploitation - part2

In this video, we delve into the exploitation of CVE-2019-5418 as part of the Green Badge. We demonstrate how to decrypt credentials and forge a malicious session to gain code execution on the target system.

Duration: 09:23 | Views: 894