Pentester Lab: Rack Cookies and Commands Injection

  • Name: Pentester Lab: Rack Cookies and Commands Injection
  • Date release: 2 Oct 2012






After a short introduction to brute forcing, this exercise explains how to tamper with a Rack cookie and how you can even manage to modify a signed cookie (if the secret is trivial). Using this issue, you will be able to escalate your privileges and gain command execution.

What will you learn?

  • Rack cookie tampering
  • Writing small web scripts in Ruby
  • Command injection attacks

  • Filename: rack_cookies_and_commands_injection_i386.iso
  • File size: 317 MB
  • MD5: 3AB2F16009BFE8F37AA45EDA636E5FE8
  • SHA1: E5C8DD2C48B608AACF3BAC8F291872092BFBACE2

  • Filename: _rack_cookies_and_commands_injection.iso
  • File size: 313 MB
  • MD5: 2FCCBCEBC049D49B2C10E682764D9E5B
  • SHA1: 7CBAC7B4BAD5DB7C6C67939CC1806E5CDFEC5B1A

  • Format: Disk Image (.ISO)
  • Operating System: Linux

  • DHCP service: Enabled
  • IP address: Automatically assigned