mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-15 20:05:13 +02:00
20 lines
618 B
TypeScript
20 lines
618 B
TypeScript
// Phase 13 (Track L.11) — NestJS CMDI vuln fixture (TypeScript).
|
|
//
|
|
// Adapter binding: `@Controller('')` + `@Get('run')` on
|
|
// `AppController.runCmd` with `cmd` flowing through `@Query('cmd')`.
|
|
|
|
import 'reflect-metadata';
|
|
import { Controller, Get, Query } from '@nestjs/common';
|
|
import { exec } from 'child_process';
|
|
|
|
@Controller('')
|
|
export class AppController {
|
|
@Get('run')
|
|
runCmd(@Query('cmd') cmd: string): Promise<string> {
|
|
return new Promise((resolve) => {
|
|
exec(cmd || '', (err, stdout) => {
|
|
resolve(err ? String(err) : stdout);
|
|
});
|
|
});
|
|
}
|
|
}
|