@patio11 how does the POC work, does it run code remotely?
@roidrage Yep. From there it's a very short leap to "root the box." (n.b. Rough complexity: one line with curl.)
Specifics elided for obvious reasons but to hum a few bars I spent half an hour looking at system calls and server config files.
@patio11 TIL elided is a word :)
@patio11 Is that for low-level services, legacy cgi-bin or “modern” rails apps? I tried our own rails apps and did not see a vulnerability…
@Narnach They're both for Rails(+etc) apps which were developed between 2010 and today. Neither does anything super exotic.