CVE-2020-8163: Rails local name RCE

This exercise details the exploitation of CVE-2020-8163 to gain code execution.

1-2 Hrs.
Brown Badge


The CVE-2020-8163 vulnerability arises from the improper handling of partial views with local variables in Ruby on Rails applications. Specifically, it affects applications where an attacker can control the names of the locals passed to these partial views. The course explains how partial views are used to avoid code repetition and demonstrates the scenarios in which this vulnerability can be exploited. By examining the affected code patterns and the Rails method responsible for rendering these views, students learn to craft an exploit that achieves code execution.

Detailed examples and snippets illustrate how the vulnerability manifests in real-world applications. Key focus areas include why control over the local variable names matters and the mechanics of injecting malicious input to exploit the vulnerability. The course also emphasizes understanding the underlying Ruby code in order to build a working exploit. Through hands-on exercises, students gain practical experience in exploiting this vulnerability while learning Ruby exploitation techniques that carry over to other scenarios.

