ruby
Ruby interpreter. Can be used for arbitrary code execution, reverse shells, and file operations.
Binary Paths
/usr/bin/ruby/usr/local/bin/ruby
Glob Patterns
| Pattern | Notes |
|---|---|
rub?
|
Wildcard replaces 'y' |
r*y
|
Star matches 'ub' |
ru[b]y
|
Bracket class on third char |
r?by
|
Wildcard replaces 'u' |
rub[y]
|
Bracket class on last char |
/usr/bin/rub?
|
Full path wildcard |
/???/???/r*y
|
Full path mixed wildcards |
Pattern Tester
$
Try typing ruby or a full path like /usr/bin/ruby
YARA Rule
Auto-generated detection rule for ruby