Ruby 2.x Universal RCE Deserialization Gadget Chain

This exercise covers how to get code execution by using a Ruby Universal Gadget when an attacker controls the data passed to Marshal.load()

PRO

content

EASY

Difficulty

Less than an hour

on average

156

Completed this exercise

Course

Access to this course is only available with PentesterLab PRO

Make sure you check out PentesterLab PRO and PentesterLab PRO Enterprise to develop your skills.