IDOR to Shell


This exercise covers how to get code execution by chaining vulnerabilities in a Ruby on Rails application.

PRO Hard 1-2 Hrs. 1074 Green Badge
Course

This course details the exploitation of Insecure Direct Object Reference (IDOR) using a Rails application. You will learn how an attacker can gain access to administration pages, bypass Multi-Factor Authentication, and ultimately achieve code execution on the server.

Skills covered
Injection, Authentication, Authorisation
CWE-639
Included with PRO
Full course content, 2 videos, Common mistakes
