Hacker News
by newnewpdro 2630 days ago
It runs arbitrary ruby code supplied in the form of a cookie.

This means the backdoor is fully generic and nobody can describe the damage, if any, that has been done.

The only saving grace is the code will run with the privileges of the ruby interpreter, constrained to the process environment of same.
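
A defender's follow-up to the comment above, added here and not part of the thread: a heuristic Ruby scan of source text (for example, unpacked gem code) for eval-family calls whose argument is derived from cookie data. The regexes, function names and sample lines are constructed for illustration and are not taken from the affected code.

```ruby
# Added example: flag eval-family calls fed by cookie-derived values.
# All names (EVAL_CALL, scan_source, SAMPLE, ...) are hypothetical.

EVAL_CALL     = /\b(?:eval|instance_eval|class_eval|module_eval)\b\s*\(?\s*(.+)/
COOKIE_SOURCE = /\bcookies?\b|HTTP_COOKIE/i
ASSIGNMENT    = /\A\s*([a-z_]\w*)\s*=(?![=~>])\s*(.+)/

# True when expr mentions a cookie accessor or a variable already marked tainted.
def cookie_derived?(expr, tainted)
  return true if COOKIE_SOURCE.match?(expr)
  tainted.any? { |var| expr.match?(/\b#{Regexp.escape(var)}\b/) }
end

# Returns [{line:, code:}] for each eval-family call fed by cookie-derived data.
# Line-based, single pass, no real parsing: treat hits as leads for manual
# review, and do not read an empty result as proof that the code is clean.
def scan_source(text)
  tainted  = []   # local variable names currently holding cookie-derived values
  findings = []
  text.each_line.with_index(1) do |line, lineno|
    code = line.sub(/(\A|\s)#.*/, "")   # naive comment strip
    if (m = ASSIGNMENT.match(code))
      name, rhs = m[1], m[2]
      if cookie_derived?(rhs, tainted)
        tainted << name unless tainted.include?(name)
      else
        tainted.delete(name)            # reassigned from a non-cookie value
      end
    end
    if (m = EVAL_CALL.match(code)) && cookie_derived?(m[1], tainted)
      findings << { line: lineno, code: code.strip }
    end
  end
  findings
end

# Constructed sample input, not code from any real package.
SAMPLE = <<~'RUBY'
  payload = request.cookies["constructed_name"]
  eval(payload) if payload
  settings = YAML.load_file("config.yml")
  eval("1 + 1")
  instance_eval(cookies[:constructed_name])
RUBY

scan_source(SAMPLE).each { |f| puts "line #{f[:line]}: #{f[:code]}" }
```
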