mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-09 19:45:13 +02:00
13 lines
327 B
Ruby
13 lines
327 B
Ruby
|
# Phase 15 — generic instance method on a controller, vulnerable.
|
||
|
|
# No framework markers — RubyShape::detect picks ControllerMethod
|
||
|
|
# from the class+def pair.
|
||
|
|
|
||
|
|
class LoginController
|
||
|
|
def authenticate(payload)
|
||
|
|
STDOUT.print("__NYX_SINK_HIT__\n")
|
||
|
|
out = `echo hello #{payload}`
|
||
|
|
STDOUT.print(out)
|
||
|
|
out
|
||
|
|
end
|
||
|
|
end
|