Tag: JavaScript

NodeJS Deserialization

This is a Pentester Academy challenge writeup. It required to exploit a CVE-2017-5941 vulnerability in NodeJS server application in order to execute commands as root user to obtain a flag. Warning this is a writeup so it contains spoilers. I am changing it a little bit in order to save you from revealing everything. Application […]