Merge pull request #492 from 418sec/2-npm-systeminformation
Security Fix for Command Injection - huntr.dev
sebhildebrandt committed Feb 14, 2021
2 parents f947637 + 74f5164 commit 2e92938
Showing 2 changed files with 31 additions and 18 deletions.
44 changes: 26 additions & 18 deletions lib/internet.js
Expand Up @@ -34,6 +34,16 @@ function inetChecksite(url, callback) {

return new Promise((resolve) => {
process.nextTick(() => {
let result = {
url: url,
ok: false,
status: 404,
ms: null
};
if (typeof url !== "string") {
if (callback) { callback(result); }
return resolve(result);
}
let urlSanitized = '';
const s = util.sanitizeShellString(url, true);
for (let i = 0; i <= 2000; i++) {
Expand All @@ -45,12 +55,7 @@ function inetChecksite(url, callback) {
}
}
}
let result = {
url: urlSanitized,
ok: false,
status: 404,
ms: null
};
result.url = urlSanitized;
try {
if (urlSanitized && !util.isPrototypePolluted()) {
let t = Date.now();
Expand Down Expand Up @@ -123,21 +128,24 @@ function inetLatency(host, callback) {
}

host = host || '8.8.8.8';
let hostSanitized = '';
const s = (util.isPrototypePolluted() ? '8.8.8.8' : util.sanitizeShellString(host, true)).trim();
for (let i = 0; i <= 2000; i++) {
if (!(s[i] === undefined)) {

s[i].__proto__.toLowerCase = util.stringToLower;
const sl = s[i].toLowerCase();
if (sl && sl[0] && !sl[1]) {
hostSanitized = hostSanitized + sl[0];
}
}
}

return new Promise((resolve) => {
process.nextTick(() => {
if (typeof host !== "string") {
if (callback) { callback(null); }
return resolve(null);
}
let hostSanitized = '';
const s = (util.isPrototypePolluted() ? '8.8.8.8' : util.sanitizeShellString(host, true)).trim();
for (let i = 0; i <= 2000; i++) {
if (!(s[i] === undefined)) {
s[i].__proto__.toLowerCase = util.stringToLower;
const sl = s[i].toLowerCase();
if (sl && sl[0] && !sl[1]) {
hostSanitized = hostSanitized + sl[0];
}
}
}
let params;
let filt;
if (_linux || _freebsd || _openbsd || _netbsd || _darwin) {
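Review bot: The line `s[i].__proto__.toLowerCase = util.stringToLower;` in the moved sanitization loop of `inetLatency` assigns to `String.prototype.toLowerCase` on every iteration, so the defence against a polluted `toLowerCase` is implemented by permanently replacing that builtin for every other module in the process. If `util.stringToLower` is a pollution-safe lowercase helper (its definition is not visible here), calling it directly has the same effect without the global side effect: `const sl = util.stringToLower.call(s[i]);` in place of the two lines. Separately, the new `typeof host !== "string"` guard runs after `host = host || '8.8.8.8';`, so `null`, `undefined` and `0` are defaulted to `8.8.8.8` while a truthy non-string now resolves to `null`; if that asymmetry is intended, a one-line comment above the guard would save the next reader a question. `inetLatency` starts before this hunk and its body continues past it.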
5 changes: 5 additions & 0 deletions lib/processes.js
Expand Up @@ -99,6 +99,11 @@ function services(srv, callback) {

return new Promise((resolve) => {
process.nextTick(() => {
if (typeof srv !== "string") {
if (callback) { callback([]); }
return resolve([]);
}

if (srv) {
let srvString = '';
srvString.__proto__.toLowerCase = util.stringToLower;
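Review bot: The new guard `if (typeof srv !== "string")` resolves with an empty array, which a caller cannot tell apart from "no matching services", and nothing in the hunk says why non-strings are rejected. A short comment would help, e.g. `// reject non-string input here: it would bypass the string sanitization below (commit: command-injection fix)`; I take the command-injection motivation from the commit title rather than from these lines, so word it to match what the rest of `services` actually does with `srv`. If any caller previously passed an array of service names, it now silently receives `[]`, which is worth a note in the changelog or the function's documentation. `services` begins before this hunk and ends after it.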

0 comments on commit 2e92938

Please sign in to comment.