Course
This course details the exploitation of a vulnerability in Ruby on Rails when it is running in development mode. It demonstrates how attackers who know the application's name can guess the key used to secure sessions, enabling them to decrypt, tamper with, and re-encrypt session data.
Skills covered
Authentication
Authorisation
Cryptography
CWE-330