Ruby 2.x Universal RCE Deserialization Gadget Chain

This exercise covers how to get code execution by using a Ruby Universal Gadget when an attacker controls the data passed to Marshal.load()

PRO
content
easy diffculty Easy difficulty
easy diffculty Less than an hour
average
completion
time
number of users completed icon 1000
completed
this exercise

Course





Make sure you check out PentesterLab PRO and PentesterLab PRO Enterprise to develop your skills.