Decrypt LOL

HTB Gunship Walkthrough: Exploiting RCE via AST Injection

Code review of the Node.js application Gunship reveals critical vulnerabilities. A recent analysis of Gunship, which is built on Node.js and uses the Pug template engine, uncovered significant security flaws, including Remote Code Execution (RCE) and Prototype Pollution. The investigation found that the Pug version in use was susceptible to RCE via Abstract Syntax Tree (AST) injection. After various payloads were tested, a successful exploit was executed, allowing access to a flag file within the application. The write-up serves as a detailed guide to identifying and exploiting these vulnerabilities and emphasizes the importance of secure coding practices in web applications. References to relevant security resources and tools are provided for further insight.
