hacktricks/src/network-services-pentesting/pentesting-web/ruby-tricks.md

Ruby Tricks

{{#include ../../banners/hacktricks-training.md}}

File upload to RCE

As explained in this article, uploading a .rb file into sensitive directories such as config/initializers/ can lead to remote code execution (RCE) in Ruby on Rails applications.

{{#include ../../banners/hacktricks-training.md}}