HTB Gunship Walkthrough: Exploiting RCE via AST Injection
Code review of the Node.js application Gunship reveals critical vulnerabilities. A recent analysis of the Gunship application, built on Node.js and using the Pug template engine, uncovered significant security flaws, including Remote Code Execution (RCE) and Prototype Pollution. The investigation found that the Pug version in use was susceptible to RCE via Abstract Syntax Tree (AST) injection. After various payloads were tested, an exploit succeeded and allowed access to a flag file within the application. This write-up serves as a detailed guide to identifying and exploiting these vulnerabilities, and it emphasizes the importance of secure coding practices in web applications. For further insights, references to relevant security resources and tools are provided.
