mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-09 19:45:13 +02:00
23 lines
656 B
JavaScript
23 lines
656 B
JavaScript
// Phase 13 — Koa middleware, vulnerable.
|
|
//
|
|
// Vulnerable middleware reads `ctx.query.host` and concatenates it into a
|
|
// shell command. Harness builds a mock ctx via js_shared::emit_koa.
|
|
|
|
'use strict';
|
|
const Koa = require('koa');
|
|
const { execSync } = require('child_process');
|
|
|
|
async function ping(ctx) {
|
|
const host = (ctx.query && ctx.query.host) || '';
|
|
process.stdout.write('__NYX_SINK_HIT__\n');
|
|
try {
|
|
const out = execSync('echo hello ' + host, { encoding: 'utf8', timeout: 5000 });
|
|
ctx.body = out;
|
|
} catch (e) {
|
|
ctx.body = (e.stdout || '') + (e.stderr || '');
|
|
}
|
|
}
|
|
|
|
void Koa;
|
|
|
|
module.exports = { ping };
|