CVE-2019-5420
Ruby On Rails DoubleTap Development Mode secret_key_base Vulnerability (severity: CRITICAL)
Title source: metasploit
Exploitation Summary
EIP tracks 14 public exploits for CVE-2019-5420.
PoCs published by Metasploit, knqyf263, laffray, including Metasploit module exploits/multi/http/rails_double_tap.
AI-analyzed exploit summary: This Metasploit module exploits CVE-2019-5420, a deserialization vulnerability in Ruby on Rails development mode. It retrieves the application name, generates a signed serialized payload, and achieves remote code execution by leveraging the predictable secret_key_base.
Description
A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit.
Exploits (14)
This Metasploit module exploits CVE-2019-5420, a deserialization vulnerability in Ruby on Rails development mode. It retrieves the application name, generates a signed serialized payload, and achieves remote code execution by leveraging the predictable secret_key_base.
This repository provides a working proof-of-concept exploit for CVE-2019-5420, a deserialization vulnerability in Ruby on Rails. The exploit demonstrates remote code execution (RCE) by executing a command to create a file on the target system.
This PoC demonstrates a Ruby deserialization vulnerability (CVE-2019-5420) in Rails applications using ActiveSupport::MessageVerifier and ActiveSupport::MessageEncryptor with Marshal as the default serializer. It exploits object injection to achieve remote code execution (RCE) via a crafted payload.
This PoC exploits CVE-2019-5420 by deriving the Rails development mode secret token from the application name and decrypting session cookies. It demonstrates the vulnerability by decrypting AES-GCM encrypted session data using the guessed key.
This Ruby script exploits CVE-2019-5420, a deserialization vulnerability in Rails development mode cookies. It decrypts, modifies, and re-encrypts the cookie to escalate privileges (e.g., setting user_id to 1).
This PoC exploits CVE-2019-5420, a deserialization vulnerability in Ruby on Rails' ActiveSupport. It crafts a malicious ERB object wrapped in a DeprecatedInstanceVariableProxy, signs it with a derived secret, and achieves remote code execution upon deserialization.
This PoC exploits CVE-2019-5420, a vulnerability in Rails' encrypted cookie mechanism, allowing decryption and modification of cookie data. It demonstrates how to decrypt, modify, and re-encrypt cookies using AES-GCM.
This repository is a stub for CVE-2019-5420, referencing external sources for vulnerable Docker containers. It does not contain exploit code or technical details.
This PoC exploits CVE-2019-5420 by decrypting and re-encrypting a Rails cookie to escalate privileges to an admin account. It leverages a known secret generation method in development mode to manipulate the cookie data.
This exploit PoC demonstrates an authenticated session tampering vulnerability in Rails (CVE-2019-5420) by decrypting and re-encrypting session cookies to escalate privileges (e.g., changing user_id). It leverages a weak key derivation mechanism in development mode.
This PoC exploits CVE-2019-5420, a deserialization vulnerability in Ruby on Rails. It demonstrates how to decrypt and modify session cookies to achieve remote code execution via crafted marshaled objects.
This PoC exploits CVE-2019-5420 by decrypting and modifying Ruby-on-Rails session cookies in development mode, where the encryption key is derived from the application name. It demonstrates how an attacker can tamper with session data to escalate privileges (e.g., setting user_id to 1).
This PoC demonstrates the decryption of Rails development mode cookies affected by CVE-2019-5420, which allows attackers to forge arbitrary cookies due to weak cryptographic key derivation. The script decrypts and verifies the contents of a provided cookie using AES-GCM.
This Metasploit module exploits CVE-2019-5420, a deserialization vulnerability in Ruby on Rails development mode. It extracts the application name (used as secret_key_base) and crafts a signed serialized payload to achieve remote code execution.
References (5)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H