tl;dr
- Using the rotate chains method to exploit ruby class pollution to leak Legacy cookie via SQLI.
- Using a 1-Gadget ruby deserialization vector to get RCE in a clever way.
- Using a bunch of other clever tactics for exploitation.
tl;dr
tl;dr
tl;dr
Image gallery 1
Image gallery 2
tl;dr
tl;dr
tl;dr
tl;dr
tl;dr
tl;dr
tl;dr
1 / 3