ruby-debug / ruby-debug-ide

An interface which glues ruby-debug to IDEs like Eclipse (RDT), NetBeans and RubyMine.
https://www.jetbrains.com/ruby/features/ruby_debugger.html

Ruby Remote Debug Can Cause Arbitrary Remote Code Execution #220

Open GeekOnlineCode opened 2 years ago

GeekOnlineCode commented 2 years ago

When you use ruby-debug-ide for remote debugging, it will potentially cause arbitrary remote code execution.

    rdebug-ide --host 0.0.0.0 --port 6666 --dispatcher-port 6666 -- test.rb
    telnet remote_host remote_port

Because there is no permission verification, as long as the port is open, everyone can access it remotely. Other language debuggers have had a similar situation, like Node.js Debug RCE (https://www.cvedetails.com/cve/CVE-2018-12120/) and Java Debug RCE (https://www.rapid7.com/db/modules/exploit/multi/misc/java_jdwp_debugger/).

Remote code execution can be exploited through the following steps.

1. The help document does not contain any command execution instructions (https://github.com/ruby-debug/ruby-debug-ide/blob/master/protocol-spec.md), so it looks like remote command execution is not possible.
2. But I found in the directory (ruby-debug-ide/lib/ruby-debug-ide/commands/) that the eval command can execute arbitrary commands.
3. So anybody who connects to the remote service can execute arbitrary code.

Advice

1. Modify the readme.md content to use a specific IP: --host specific_ip
2. Delete the "eval" command.
3. Use authentication, like SSH.
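
As an added example (not part of the issue and not ruby-debug-ide code), the following Ruby audit flags rdebug-ide invocations whose `--host` is not a loopback address, which is the check behind the first piece of advice. The function names and sample lines are constructed for illustration; a missing `--host` is reported separately because this page does not state the default bind address.

```ruby
require 'ipaddr'
require 'shellwords'

# Classify the listener address of one rdebug-ide command line.
# Returns :loopback, :exposed, :unspecified (no --host given) or :not_rdebug.
def rdebug_bind_risk(command_line)
  argv = Shellwords.split(command_line)
  return :not_rdebug unless argv.any? { |a| File.basename(a) == 'rdebug-ide' }

  # Options end at the bare "--"; what follows belongs to the debugged script.
  opts = argv.take_while { |a| a != '--' }
  host = nil
  opts.each_with_index do |arg, i|
    if arg == '--host'
      host = opts[i + 1]
    elsif arg.start_with?('--host=') # tolerate the --host=VALUE spelling too
      host = arg.split('=', 2).last
    end
  end
  return :unspecified if host.nil? || host.empty?
  return :loopback if host == 'localhost'

  begin
    IPAddr.new(host).loopback? ? :loopback : :exposed
  rescue IPAddr::InvalidAddressError
    :exposed # a hostname other than localhost: treat as reachable until checked
  end
end

# Return [line_number, risk, command] for every line that needs attention.
def audit_rdebug(lines)
  lines.each_with_index.filter_map do |line, idx|
    risk = rdebug_bind_risk(line)
    [idx + 1, risk, line.strip] if %i[exposed unspecified].include?(risk)
  end
end

# Constructed sample input (e.g. lines from a Procfile or `ps` output).
SAMPLE = [
  'rdebug-ide --host 0.0.0.0 --port 6666 --dispatcher-port 6666 -- test.rb',
  'rdebug-ide --host 127.0.0.1 --port 6666 -- test.rb',
  'bundle exec rdebug-ide --port 6666 -- test.rb --host 0.0.0.0',
  'ruby test.rb'
].freeze

audit_rdebug(SAMPLE).each { |n, risk, cmd| puts "line #{n}: #{risk}: #{cmd}" }
```
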