Skip to content
/ node-lfi-exploit Public
forked from matthewbadeau/node-lfi-exploit

Demo app to show an LFI exploit. This is purely an error on the programmer's part.

0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

abarak-biu/node-lfi-exploit

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits

README.md

README.md

 
 

app.js

app.js

 
 

index.html

index.html

 
 

style.css

style.css

 
 

Repository files navigation

Demo LFI exploitable node.js app

This demo node.js app is to show that a super-lazy and inexperienced programmer created a production web app that loads files based on the browser's request. It's a basic app that should load index.html and all other linked files. That is... until you try something like /etc/passwd. To exploit, type in the file that you're requesting, for example:

curl http://127.0.0.1:8000/../../../../../../etc/passwd

About

Demo app to show an LFI exploit. This is purely an error on the programmer's part.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • JavaScript 84.3%
  • HTML 13.4%
  • CSS 2.3%