Merge pull request #610 from Swiftrix/Swiftrix-patch-1

Update prototype-pollution-to-rce.md
Carlos Polop 2023-03-27 11:41:01 +02:00 committed by GitHub
commit b54069ccaf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -51,7 +51,7 @@ var proc = fork('a_file.js');
## PP2RCE via env vars
**PP2RCE** means **Prototype Pollution to RCE** (Remote Coxe Execution).
**PP2RCE** means **Prototype Pollution to RCE** (Remote Code Execution).
According to this [**writeup**](https://research.securitum.com/prototype-pollution-rce-kibana-cve-2019-7609/) when a **process is spawned** with some method from **`child_process`** (like `fork` or `spawn` or others) it calls the method `normalizeSpawnArguments` which a **prototype pollution gadget to create new env vars**:
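
Review bot: The last context line of this hunk still reads "it calls the method `normalizeSpawnArguments` which a **prototype pollution gadget to create new env vars**", which is missing its verb. Since this patch is a typo fix to the same paragraph, consider changing it to "which is a **prototype pollution gadget to create new env vars**" in the same commit. The "Coxe" to "Code" correction on the changed line is right as it stands.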