Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/gchan/imagetragick-rails
A sample Rails application (and Docker image) to demonstrate the ImageTragick vulnerabilities
https://github.com/gchan/imagetragick-rails
Last synced: 28 days ago
JSON representation
A sample Rails application (and Docker image) to demonstrate the ImageTragick vulnerabilities
- Host: GitHub
- URL: https://github.com/gchan/imagetragick-rails
- Owner: gchan
- License: mit
- Created: 2016-05-22T06:51:31.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2016-08-11T05:44:38.000Z (over 8 years ago)
- Last Synced: 2024-10-11T23:35:54.260Z (3 months ago)
- Language: Ruby
- Homepage:
- Size: 21.5 KB
- Stars: 4
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE.txt
Awesome Lists containing this project
README
### ImageTragick Rails (gordonchan/imagetragick-rails)
[](http://microbadger.com/images/gordonchan/imagetragick-rails "Get your own image badge on microbadger.com")
A sample Rails application to demonstrate the [ImageTragick](https://imagetragick.com/) vulnerabilities as part of talk I gave at [WellRailed](https://www.meetup.com/wellrailed/events/231113047) on 26 May 2016.
Slides: https://speakerdeck.com/gchan/imagetragick-and-rails
Available as a Docker image [gordonchan/imagetragick-rails](https://hub.docker.com/r/gordonchan/imagetragick-rails/).
#### Quick start (Docker)
To start an instance of the application in a Docker container:
```
$ docker-compose up
```
Alternatively:
```
$ docker run --rm -p 3131:3000 --name imagetragick -e SECRET_KEY_BASE=d41c2ab288fdefcd779ca19a1fa2dec39f21f945ad8c44770c4e4731c090e3e34643b9eb012c80739fc362cb44a44296b1e1d145eb76880f0e2cfc4ee4e301a1 gordonchan/imagetragick-rails
```
The application is accessible through port `3131` on the Docker host IP. The default IP is `192.168.99.100` but you can find yours by using `docker-machine ip`
## License
imagetragick-rails is Copyright (c) 2016 Gordon Chan and is released under the MIT License. It is free software, and may be redistributed under the terms specified in the LICENSE file.
[](https://github.com/igrigorik/ga-beacon)