![18.4 Lab: Exploiting Ruby deserialization using a documented gadget chain | 2024 | by Karthikeyan Nagaraj | Apr, 2024 | Medium 18.4 Lab: Exploiting Ruby deserialization using a documented gadget chain | 2024 | by Karthikeyan Nagaraj | Apr, 2024 | Medium](https://miro.medium.com/v2/resize:fit:1358/1*-oFedKcKq0Nkfu7JZCDS_Q.png)
18.4 Lab: Exploiting Ruby deserialization using a documented gadget chain | 2024 | by Karthikeyan Nagaraj | Apr, 2024 | Medium
![18.4 Lab: Exploiting Ruby deserialization using documented gadget chain - Karthikeyan Nagaraj | 2024 - YouTube 18.4 Lab: Exploiting Ruby deserialization using documented gadget chain - Karthikeyan Nagaraj | 2024 - YouTube](https://i.ytimg.com/vi/5sPTQs6OAK4/hq720.jpg?sqp=-oaymwEhCK4FEIIDSFryq4qpAxMIARUAAAAAGAElAADIQj0AgKJD&rs=AOn4CLDGipaceQAHMPSfviu6mEau4774tw)
18.4 Lab: Exploiting Ruby deserialization using documented gadget chain - Karthikeyan Nagaraj | 2024 - YouTube
![Zero Day Initiative — Remote Code Execution via Ruby on Rails Active Storage Insecure Deserialization Zero Day Initiative — Remote Code Execution via Ruby on Rails Active Storage Insecure Deserialization](https://images.squarespace-cdn.com/content/v1/5894c269e4fcb5e65a1ed623/1560968731796-ALQRJIJIKCE6QTTNUXJT/PoC.png)
Zero Day Initiative — Remote Code Execution via Ruby on Rails Active Storage Insecure Deserialization
![Ruby serialization 'exploit' news is balderdash. Loading binary objects from untrusted sources in any language has always been a Bad Idea™️ and a warning was in RDoc since 2013. : r/programming Ruby serialization 'exploit' news is balderdash. Loading binary objects from untrusted sources in any language has always been a Bad Idea™️ and a warning was in RDoc since 2013. : r/programming](https://i.imgur.com/e5Ew5lI.png)
Ruby serialization 'exploit' news is balderdash. Loading binary objects from untrusted sources in any language has always been a Bad Idea™️ and a warning was in RDoc since 2013. : r/programming
![Zero Day Initiative — Remote Code Execution via Ruby on Rails Active Storage Insecure Deserialization Zero Day Initiative — Remote Code Execution via Ruby on Rails Active Storage Insecure Deserialization](https://images.squarespace-cdn.com/content/v1/5894c269e4fcb5e65a1ed623/1560968541914-5P3K4BXNV8I3JAPWC6AO/Screen6.png)
Zero Day Initiative — Remote Code Execution via Ruby on Rails Active Storage Insecure Deserialization
![18.4 Lab: Exploiting Ruby deserialization using a documented gadget chain | 2024 | by Karthikeyan Nagaraj | Apr, 2024 | Medium 18.4 Lab: Exploiting Ruby deserialization using a documented gadget chain | 2024 | by Karthikeyan Nagaraj | Apr, 2024 | Medium](https://miro.medium.com/v2/resize:fit:2000/1*BXGzRSBT88n7j2A5Jk2SSg.png)