James Jeffers jjeffers
jjeffers
/ gist:4739850
Created
February 8, 2013 15:47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Spec::Runner.configure do |config| | |
| config.include Capybara::DSL | |
| config.use_transactional_fixtures = true | |
| config.use_instantiated_fixtures = false | |
| config.fixture_path = RAILS_ROOT + '/test/fixtures/' | |
| config.before(:suite) do | |
| DatabaseCleaner.clean_with(:truncation) |
jjeffers
/ gist:6108226
Created
July 29, 2013 21:56
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://gist.github.com/jjeffers/23b19e36482557f62576 |
jjeffers
/ gist:6108243
Created
July 29, 2013 21:58
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| | High | User | send_user_message | Command Injection | Possible command injection near l>> | |
| | High | User | User.create_user | Command Injection | Possible command injection near l>> | |
| | High | User | User.tidy_up | Command Injection | Possible command injection near l>> |
jjeffers
/ gist:6108271
Last active
December 20, 2015 09:30
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| system(cmd) |
jjeffers
/ gist:6108275
Created
July 29, 2013 22:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| logger.info %x[#{cmd}] |
jjeffers
/ gist:6108318
Created
July 29, 2013 22:08
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cmd = "ls -al #{params[:user_id]}" | |
| logger.info %x[#{cmd}] |
jjeffers
/ gist:6108331
Created
July 29, 2013 22:09
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ls -al | rm -rf / |
jjeffers
/ gist:6108338
Created
July 29, 2013 22:11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| system(cmd, arg1, ...) |
jjeffers
/ gist:6108344
Created
July 29, 2013 22:11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| stdin, stdout, stderr = Open3.popen3(cmd, args) | |
| logger.info stdout |
jjeffers
/ gist:6109706
Created
July 30, 2013 02:28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| gem install brakeman | |
| brakeman |
OlderNewer