├── .bookignore ├── .gitignore ├── README.md ├── SUMMARY.md ├── contributors.md ├── mutant ├── README.md ├── mutant1.md └── mutant1 │ ├── .rspec │ ├── Gemfile │ ├── Gemfile.lock │ ├── Rakefile │ ├── lib │ ├── secure_db.rb │ └── secure_db │ │ ├── authorization.rb │ │ ├── document.rb │ │ ├── exceptions.rb │ │ └── user.rb │ └── spec │ ├── document_spec.rb │ ├── spec_helper.rb │ └── user_spec.rb ├── parslet ├── README.md ├── json1.md ├── json1 │ ├── .rspec │ ├── Gemfile │ ├── Gemfile.lock │ ├── README.md │ ├── Rakefile │ ├── bin │ │ └── json_parse │ ├── lib │ │ └── json_parser.rb │ └── spec │ │ ├── json_parser_spec.rb │ │ └── spec_helper.rb ├── json2.md └── json2 │ ├── .rspec │ ├── Gemfile │ ├── Gemfile.lock │ ├── Rakefile │ ├── bin │ └── json_transform │ ├── lib │ ├── json_parser.rb │ └── json_transformer.rb │ └── spec │ ├── json_transformer_spec.rb │ └── spec_helper.rb ├── prerequisites.md ├── resources.md ├── ronin ├── README.md ├── exploit1.md └── exploit1 │ ├── Gemfile │ ├── Gemfile.lock │ └── exploit.rb ├── slides.md ├── solutions ├── mutant1 │ └── document_spec.rb ├── parsing1 │ └── json_parser.rb ├── parsing2 │ ├── json_parser.rb │ └── json_transformer.rb ├── ronin1 │ └── exploit.rb ├── yaml1 │ └── exploit.rb ├── yaml2 │ └── exploit.rb ├── yaml3 │ └── exploit.rb └── yaml4 │ └── exploit.rb └── yaml ├── README.md ├── yaml1.md ├── yaml1 ├── Gemfile ├── Gemfile.lock ├── app.rb ├── exploit.rb └── views │ └── index.erb ├── yaml2.md ├── yaml2 ├── Gemfile ├── Gemfile.lock ├── app.rb ├── exploit.rb └── views │ └── index.erb ├── yaml3.md ├── yaml3 ├── Gemfile ├── Gemfile.lock ├── app.rb ├── exploit.rb └── views │ └── index.erb ├── yaml4.md └── yaml4 ├── Gemfile ├── Gemfile.lock ├── app.rb ├── exploit.rb └── views └── index.erb /.bookignore: -------------------------------------------------------------------------------- 1 | solutions 2 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/.gitignore -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/README.md -------------------------------------------------------------------------------- /SUMMARY.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/SUMMARY.md -------------------------------------------------------------------------------- /contributors.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/contributors.md -------------------------------------------------------------------------------- /mutant/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/mutant/README.md -------------------------------------------------------------------------------- /mutant/mutant1.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/mutant/mutant1.md -------------------------------------------------------------------------------- /mutant/mutant1/.rspec: -------------------------------------------------------------------------------- 1 | --format documentation -------------------------------------------------------------------------------- /mutant/mutant1/Gemfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/mutant/mutant1/Gemfile -------------------------------------------------------------------------------- /mutant/mutant1/Gemfile.lock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/mutant/mutant1/Gemfile.lock -------------------------------------------------------------------------------- /mutant/mutant1/Rakefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/mutant/mutant1/Rakefile -------------------------------------------------------------------------------- /mutant/mutant1/lib/secure_db.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/mutant/mutant1/lib/secure_db.rb -------------------------------------------------------------------------------- /mutant/mutant1/lib/secure_db/authorization.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/mutant/mutant1/lib/secure_db/authorization.rb -------------------------------------------------------------------------------- /mutant/mutant1/lib/secure_db/document.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/mutant/mutant1/lib/secure_db/document.rb -------------------------------------------------------------------------------- /mutant/mutant1/lib/secure_db/exceptions.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/mutant/mutant1/lib/secure_db/exceptions.rb -------------------------------------------------------------------------------- /mutant/mutant1/lib/secure_db/user.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/mutant/mutant1/lib/secure_db/user.rb -------------------------------------------------------------------------------- /mutant/mutant1/spec/document_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/mutant/mutant1/spec/document_spec.rb -------------------------------------------------------------------------------- /mutant/mutant1/spec/spec_helper.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/mutant/mutant1/spec/spec_helper.rb -------------------------------------------------------------------------------- /mutant/mutant1/spec/user_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/mutant/mutant1/spec/user_spec.rb -------------------------------------------------------------------------------- /parslet/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/parslet/README.md -------------------------------------------------------------------------------- /parslet/json1.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/parslet/json1.md -------------------------------------------------------------------------------- /parslet/json1/.rspec: -------------------------------------------------------------------------------- 1 | --colour --format documentation 2 | -------------------------------------------------------------------------------- /parslet/json1/Gemfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/parslet/json1/Gemfile -------------------------------------------------------------------------------- /parslet/json1/Gemfile.lock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/parslet/json1/Gemfile.lock -------------------------------------------------------------------------------- /parslet/json1/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/parslet/json1/README.md -------------------------------------------------------------------------------- /parslet/json1/Rakefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/parslet/json1/Rakefile -------------------------------------------------------------------------------- /parslet/json1/bin/json_parse: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/parslet/json1/bin/json_parse -------------------------------------------------------------------------------- /parslet/json1/lib/json_parser.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/parslet/json1/lib/json_parser.rb -------------------------------------------------------------------------------- /parslet/json1/spec/json_parser_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/parslet/json1/spec/json_parser_spec.rb -------------------------------------------------------------------------------- /parslet/json1/spec/spec_helper.rb: -------------------------------------------------------------------------------- 1 | require 'rspec' 2 | -------------------------------------------------------------------------------- /parslet/json2.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/parslet/json2.md -------------------------------------------------------------------------------- /parslet/json2/.rspec: -------------------------------------------------------------------------------- 1 | --colour --format documentation 2 | -------------------------------------------------------------------------------- /parslet/json2/Gemfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/parslet/json2/Gemfile -------------------------------------------------------------------------------- /parslet/json2/Gemfile.lock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/parslet/json2/Gemfile.lock -------------------------------------------------------------------------------- /parslet/json2/Rakefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/parslet/json2/Rakefile -------------------------------------------------------------------------------- /parslet/json2/bin/json_transform: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/parslet/json2/bin/json_transform -------------------------------------------------------------------------------- /parslet/json2/lib/json_parser.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/parslet/json2/lib/json_parser.rb -------------------------------------------------------------------------------- /parslet/json2/lib/json_transformer.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/parslet/json2/lib/json_transformer.rb -------------------------------------------------------------------------------- /parslet/json2/spec/json_transformer_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/parslet/json2/spec/json_transformer_spec.rb -------------------------------------------------------------------------------- /parslet/json2/spec/spec_helper.rb: -------------------------------------------------------------------------------- 1 | require 'rspec' 2 | -------------------------------------------------------------------------------- /prerequisites.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/prerequisites.md -------------------------------------------------------------------------------- /resources.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/resources.md -------------------------------------------------------------------------------- /ronin/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/ronin/README.md -------------------------------------------------------------------------------- /ronin/exploit1.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/ronin/exploit1.md -------------------------------------------------------------------------------- /ronin/exploit1/Gemfile: -------------------------------------------------------------------------------- 1 | source 'https://rubygems.org' 2 | 3 | gem 'ronin-support', '~> 0.5' 4 | -------------------------------------------------------------------------------- /ronin/exploit1/Gemfile.lock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/ronin/exploit1/Gemfile.lock -------------------------------------------------------------------------------- /ronin/exploit1/exploit.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/ronin/exploit1/exploit.rb -------------------------------------------------------------------------------- /slides.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/slides.md -------------------------------------------------------------------------------- /solutions/mutant1/document_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/solutions/mutant1/document_spec.rb -------------------------------------------------------------------------------- /solutions/parsing1/json_parser.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/solutions/parsing1/json_parser.rb -------------------------------------------------------------------------------- /solutions/parsing2/json_parser.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/solutions/parsing2/json_parser.rb -------------------------------------------------------------------------------- /solutions/parsing2/json_transformer.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/solutions/parsing2/json_transformer.rb -------------------------------------------------------------------------------- /solutions/ronin1/exploit.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/solutions/ronin1/exploit.rb -------------------------------------------------------------------------------- /solutions/yaml1/exploit.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/solutions/yaml1/exploit.rb -------------------------------------------------------------------------------- /solutions/yaml2/exploit.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/solutions/yaml2/exploit.rb -------------------------------------------------------------------------------- /solutions/yaml3/exploit.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/solutions/yaml3/exploit.rb -------------------------------------------------------------------------------- /solutions/yaml4/exploit.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/solutions/yaml4/exploit.rb -------------------------------------------------------------------------------- /yaml/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/yaml/README.md -------------------------------------------------------------------------------- /yaml/yaml1.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/yaml/yaml1.md -------------------------------------------------------------------------------- /yaml/yaml1/Gemfile: -------------------------------------------------------------------------------- 1 | source 'https://rubygems.org/' 2 | 3 | gem 'sinatra', '~> 2.2.3' 4 | -------------------------------------------------------------------------------- /yaml/yaml1/Gemfile.lock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/yaml/yaml1/Gemfile.lock -------------------------------------------------------------------------------- /yaml/yaml1/app.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/yaml/yaml1/app.rb -------------------------------------------------------------------------------- /yaml/yaml1/exploit.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/yaml/yaml1/exploit.rb -------------------------------------------------------------------------------- /yaml/yaml1/views/index.erb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/yaml/yaml1/views/index.erb -------------------------------------------------------------------------------- /yaml/yaml2.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/yaml/yaml2.md -------------------------------------------------------------------------------- /yaml/yaml2/Gemfile: -------------------------------------------------------------------------------- 1 | source 'https://rubygems.org/' 2 | 3 | gem 'sinatra', '~> 2.2.0' 4 | -------------------------------------------------------------------------------- /yaml/yaml2/Gemfile.lock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/yaml/yaml2/Gemfile.lock -------------------------------------------------------------------------------- /yaml/yaml2/app.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/yaml/yaml2/app.rb -------------------------------------------------------------------------------- /yaml/yaml2/exploit.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/yaml/yaml2/exploit.rb -------------------------------------------------------------------------------- /yaml/yaml2/views/index.erb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/yaml/yaml2/views/index.erb -------------------------------------------------------------------------------- /yaml/yaml3.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/yaml/yaml3.md -------------------------------------------------------------------------------- /yaml/yaml3/Gemfile: -------------------------------------------------------------------------------- 1 | source 'https://rubygems.org/' 2 | 3 | gem 'sinatra', '~> 2.2.3' 4 | -------------------------------------------------------------------------------- /yaml/yaml3/Gemfile.lock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/yaml/yaml3/Gemfile.lock -------------------------------------------------------------------------------- /yaml/yaml3/app.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/yaml/yaml3/app.rb -------------------------------------------------------------------------------- /yaml/yaml3/exploit.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/yaml/yaml3/exploit.rb -------------------------------------------------------------------------------- /yaml/yaml3/views/index.erb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/yaml/yaml3/views/index.erb -------------------------------------------------------------------------------- /yaml/yaml4.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/yaml/yaml4.md -------------------------------------------------------------------------------- /yaml/yaml4/Gemfile: -------------------------------------------------------------------------------- 1 | source 'https://rubygems.org/' 2 | 3 | gem 'sinatra', '~> 2.2.0' 4 | -------------------------------------------------------------------------------- /yaml/yaml4/Gemfile.lock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/yaml/yaml4/Gemfile.lock -------------------------------------------------------------------------------- /yaml/yaml4/app.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/yaml/yaml4/app.rb -------------------------------------------------------------------------------- /yaml/yaml4/exploit.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/yaml/yaml4/exploit.rb -------------------------------------------------------------------------------- /yaml/yaml4/views/index.erb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/rubysec/HEAD/yaml/yaml4/views/index.erb --------------------------------------------------------------------------------