You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When you use ruby-debug-ide for remote debugging,it will potentially cause arbitrary remote code execution. rdebug-ide --host 0.0.0.0 --port 6666 --dispatcher-port 6666 -- test.rb s telnet remote_host remote_port
Because there is no permission verification, as long as the port is opened, everyone can access remotely.Other language debugger there was a similar situation,like Node.js Debug RCE(https://www.cvedetails.com/cve/CVE-2018-12120/) 、Java Debug RCE(https://www.rapid7.com/db/modules/exploit/multi/misc/java_jdwp_debugger/).
Remote code execution can be exploited through the following steps.
When you use ruby-debug-ide for remote debugging,it will potentially cause arbitrary remote code execution.
rdebug-ide --host 0.0.0.0 --port 6666 --dispatcher-port 6666 -- test.rb s
telnet remote_host remote_port
Because there is no permission verification, as long as the port is opened, everyone can access remotely.Other language debugger there was a similar situation,like Node.js Debug RCE(https://www.cvedetails.com/cve/CVE-2018-12120/) 、Java Debug RCE(https://www.rapid7.com/db/modules/exploit/multi/misc/java_jdwp_debugger/).
Remote code execution can be exploited through the following steps.
1.Although the help document without any command execution instructions(https://github.com/ruby-debug/ruby-debug-ide/blob/master/protocol-spec.md). Looks can't remote command execution.
2.But I found in the directory(ruby-debug-ide/lib/ruby-debug-ide/commands/) that command
eval
can execute arbitrary commands.3.So when anybody connected the remote service who can execute arbitrary code execution.
Advice
1.Modify the readme.md content,using a specific IP
--host specific_ip
2.Delete the "eval" command
3.Using the authentication like SSH.
The text was updated successfully, but these errors were encountered: