Exploiting Node.js Deserialization Bug for Remote Code Execution – Full-Stack Feed

Exploiting Node.js Deserialization Bug for Remote Code Execution

tl;dr Untrusted data passed into unserialize() function in node-serialize module can be exploited to achieve arbitrary code execution by passing a serialized JavaScript Object with an Immediately invoked function expression (IIFE). The Bug During a Node. Read more

Read full article

Similar

Python3.6+Node.js+yarn docker image built daily on travis

Debian, Python and Node.js docker image, built daily on travis. Contains Yarn for Node.js package management. (more…)

Read more »

Control Your Razer Keyboard, Right from Node

razer-chroma - :fire: Control your Razer Keyboard, right from Node...

Read more »

Abusing Nvidia’s Node.js to bypass application whitelisting

Application Whitelisting Application whitelisting is an important security concept which can be found in many environments during pene... (more…)

Read more »

Offline,RealTime,Face Recognition in Node.js and Python atop 99.38% accuracy model

Well if you are this kind of a guy, you may head directly to code: (more…)

Read more »

A PDF Rendering Addon for Node.js

An adventure with WebKitGTK+, v8, and multithreaded C++... (more…)

Read more »