Files for Rack Cookies and Commands injection

After a short brute force introduction, this exercise explains the tampering of rack cookies and how you can even manage to modify a signed cookie (if the secret is trivial). Using this issue, you will be able to escalate your privileges and gain command execution

PTLAB

Free

Tier

PTLAB

Hard

PTLAB

ISO

The ISO for this exercise can be downloaded by clicking here (318MB). You can use this file in your favorite virtualization software and boot the virtual machine from it.

Other files

Access to files for this exercise is only available with PentesterLab PRO