node-repl-history-disclosure: Node.js REPL History Disclosure

Date: 2026-01-08 | Affected software: Node.js | PoC: Public

Vulnerability Description

The Node.js REPL history file (.node_repl_history) is exposed. It contains a log of commands entered into the Node.js interactive shell.

PoC Code [Public]

id: node-repl-history-disclosure

info:
  name: Node.js REPL History Disclosure
  author: pussycat0x
  severity: low
  description: |
    The Node.js REPL history file (.node_repl_history) was exposed, which had contained a log of commands entered into the Node.js interactive shell.
  reference:
    - https://nodejs.org/api/repl.html#persistent-history
    - https://joshtronic.com/2022/12/18/nodejs-repl-history/
  metadata:
    max-request: 2
    verified: true
    shodan-query: http.html:".node_repl_history"
  tags: exposure,nodejs,history,disclosure,misconfiguration

http:
  - method: GET
    path:
      - "{{BaseURL}}/.node_repl_history"
      - "{{BaseURL}}/node_repl_history"

    stop-at-first-match: true
    matchers:
      - type: dsl
        dsl:
          - 'status_code == 200'
          - 'contains_any(body, "require(",".exit","module.exports","let","process.","console.log(")'
          - 'contains(header, "application/octet-stream")'
        condition: and
# digest: 4a0a00473045022100f8b92964d1a12d3be2fbabfdbb9051b930bee1c5536b5dd8524e24d03856bf6b02206d846f2eafb7efa4f4993be3d26dabee7d79fd3cdb2d5b3ff6bd07492d285dcb:922c64590222798bb761d5b6d8e72950
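
A pre-deployment check for the same exposure, as an added example that is not part of the template or the original page: it walks a directory that is about to be published and reports any file with the two names the template requests. The function names `findReplHistory` and `buildSampleTree` and the sample tree are assumptions made for illustration, and the walk covers subdirectories as well, which goes beyond the two web-root paths the template probes.

```javascript
const fs = require("fs");
const os = require("os");
const path = require("path");

// File names the template requests from the web root.
const HISTORY_NAMES = new Set([".node_repl_history", "node_repl_history"]);
// Substrings the template's body matcher looks for.
const REPL_MARKERS = ["require(", ".exit", "module.exports", "let", "process.", "console.log("];

// Recursively walk `root` and report every REPL history file found under it.
function findReplHistory(root) {
  const findings = [];
  const stack = [root];
  while (stack.length > 0) {
    const dir = stack.pop();
    for (const entry of fs.readdirSync(dir, { withFileTypes: true })) {
      const full = path.join(dir, entry.name);
      if (entry.isSymbolicLink()) continue; // symlinks are skipped, not followed
      if (entry.isDirectory()) {
        stack.push(full);
      } else if (entry.isFile() && HISTORY_NAMES.has(entry.name)) {
        const body = fs.readFileSync(full, "utf8");
        findings.push({
          file: path.relative(root, full),
          lines: body.split("\n").filter((l) => l.trim() !== "").length,
          looksLikeRepl: REPL_MARKERS.some((m) => body.includes(m)),
        });
      }
    }
  }
  // Plain code-unit ordering keeps the report stable across locales.
  return findings.sort((a, b) => (a.file < b.file ? -1 : a.file > b.file ? 1 : 0));
}

// Constructed sample: a publish directory containing two stray history files.
function buildSampleTree() {
  const root = fs.mkdtempSync(path.join(os.tmpdir(), "webroot-"));
  fs.mkdirSync(path.join(root, "static"));
  fs.writeFileSync(path.join(root, "index.html"), "<h1>ok</h1>\n");
  fs.writeFileSync(path.join(root, ".node_repl_history"),
    "process.env.DB_PASSWORD\nconst db = require('./db')\n");
  fs.writeFileSync(path.join(root, "static", "node_repl_history"), "\n");
  return root;
}

console.log(findReplHistory(buildSampleTree()));
```

Any finding should block the deploy regardless of `looksLikeRepl`, since an empty history file today can fill up later. Setting the `NODE_REPL_HISTORY` environment variable to an empty string disables persistent REPL history, per the Node.js documentation referenced in the template.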
