Skip to content

Instantly share code, notes, and snippets.

View lmarburger's full-sized avatar
🥖
Temporally nondeterministic

Larry Marburger lmarburger

🥖
Temporally nondeterministic
View GitHub Profile
@markpundsack
markpundsack / heroku-CVE-2013-0156.rb
Last active November 27, 2023 15:44 — forked from elliottkember/heroku-CVE-2013-0156.rb
Forked from https://gist.github.com/4489689 by elliottkember. CVE-2013-0156 is a nasty vulnerability in many versions of Rails. This script checks all your Heroku apps for this vulnerability in one quick (slow) move. More info: https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
## The quick-and-nasty CVE-2013-0156 Heroku inspector!
## Originally brought to you by @elliottkember with changes by @markpundsack @ Heroku
## Download and run using:
## ruby heroku-CVE-2013-0156.rb
`heroku list`.split("\n").each do |app|
app = app.strip
# Some "heroku apps" lines have === formatting for grouping. They're not apps.
next if app[0..2] == "==="