Lab: Exploiting Ruby deserialization using a documented gadget chain
This lab uses a serialization-based session mechanism and the Ruby on Rails framework. There is a documented exploit that enables remote code execution via a gadget chain in this framework.

To solve the lab, find a documented exploit and adapt it to create a malicious serialized object containing a remote code execution payload. Then, pass this object into the website to delete the morale.txt file from Carlos's home directory.