CVE-2020-8163

This exploit leverages a remote code execution vulnerability in Rails < 5.0.1 by injecting a command into the URL query string, which executes arbitrary shell commands via the `system` function. The payload initiates a reverse shell to a specified IP and port.

This repository contains a functional exploit for CVE-2020-8163, a remote code execution vulnerability in Rails < 5.0.1. The exploit leverages user-controlled `locals` in a `render` call to execute arbitrary commands via a crafted URI.

This repository contains a functional exploit for CVE-2020-8163, a blind remote code execution vulnerability in Rails versions < 5.0.1 and < 4.2.11.2. The exploit leverages user-provided local names to execute arbitrary commands via a crafted URI.

This repository contains a functional exploit for CVE-2020-8163, a remote code execution vulnerability in Rails < 5.0.1. The exploit leverages user-provided local names to execute arbitrary commands via crafted HTTP requests.

This repository contains a functional exploit for CVE-2020-8163, a remote code execution vulnerability in Rails < 5.0.1 due to improper handling of user-provided local names in render calls. The exploit sends a crafted URI to trigger arbitrary command execution via a reverse shell.