Update module documentation for rails double tap vuln

2019-04-18 16:07:55 -05:00 · 2019-04-18 16:07:55 -05:00 · c223148652
parent 89096f374b
commit c223148652
1 changed files with 3 additions and 6 deletions
--- a/documentation/modules/auxiliary/gather/rails_doubletap_file_read.md
+++ b/documentation/modules/auxiliary/gather/rails_doubletap_file_read.md
@ -1,11 +1,8 @@
 ## Vulnerable Application

-  Ruby on Rails versions <= 5.2.2.
+  Ruby on Rails versions <= 5.2.2. The following example shows how to recreate the vulnerable environment on Linux:

-  Installation steps:
-  1. `gem install rails -v 5.2.1`
-  2. `rails new demo`
-  3. `rails s -b 0.0.0.0`
+  https://chybeta.github.io/2019/03/16/Analysis-for%E3%80%90CVE-2019-5418%E3%80%91File-Content-Disclosure-on-Rails/

 ## Verification Steps

@ -76,4 +73,4 @@ systemd-timesync:x:104:110:systemd Time Synchronization,,,:/run/systemd:/usr/sbi
 postgres:x:105:112:PostgreSQL administrator,,,:/var/lib/postgresql:/bin/bash

 [*] Auxiliary module execution completed  
-```
+```