Exploiting Node.js Deserialization Bug for Remote Code Execution

tl;dr Untrusted data passed into unserialize() function in node-serialize module can be exploited to achieve arbitrary code execution by passing a serialized JavaScript Object with an Immediately invoked function expression (IIFE). The Bug During a Node. Read more

Read full article

Similar

Debugging in 2017 with Node.js

We're gonna takealigg---a little look at these topics: * 1:43 Debugging basics (--inspect) and Chrome DevTools integration * 4:17 Chrome DevTools demo * 8:46... (more…)

Interview with Ryan Dahl, Creator of Node.js

A Podcast, where we unmask the people who are making tremendous strides in tech, yet whose stories are seldom heard. (more…)

How to get HTTPs started with Node.js

If you search for the word ‘HTTPS’ on medium (yes, this platform!), you will be blown away by the response. Articles here range from The list goes on. Let me remind you, this is just Medium, a simple…

Interview with Ryan Dahl, Creator of Node.js

Ryan Dahl is a Software Engineer working at Google Brain. He is the creator of Node.js, JavaScript runtime built on Chrome’s V8 JavaScript engine. Currently, he is working on deep learBrowserifyning research projects. His focus is mostly on image-to-image... (more…)

Node.js template for developing a Microservice [Feb]

Contribute to microservice-template development by creating an account on GitHub. (more…)

Latest News

Health Care Is Hemorrhaging Data. AI Is Here to Help

Introducing bitlib-rs for Rust and Cairo

HUI.js – JavaScript Front End UI Library in 657 Bytes