first commit
Some checks failed
Vulhub Format Check and Lint / format-check (push) Has been cancelled
Vulhub Format Check and Lint / markdown-check (push) Has been cancelled
Vulhub Docker Image CI / longtime-images-test (push) Has been cancelled
Vulhub Docker Image CI / images-test (push) Has been cancelled
Some checks failed
Vulhub Format Check and Lint / format-check (push) Has been cancelled
Vulhub Format Check and Lint / markdown-check (push) Has been cancelled
Vulhub Docker Image CI / longtime-images-test (push) Has been cancelled
Vulhub Docker Image CI / images-test (push) Has been cancelled
This commit is contained in:
32
node/CVE-2017-16082/www/app.js
Normal file
32
node/CVE-2017-16082/www/app.js
Normal file
@@ -0,0 +1,32 @@
|
||||
const Koa = require('koa')
|
||||
const { Client } = require('pg')
|
||||
|
||||
const app = new Koa()
|
||||
const client = new Client({
|
||||
user: "postgres",
|
||||
password: "postgres",
|
||||
database: "example",
|
||||
host: "db",
|
||||
port: 5432
|
||||
})
|
||||
client.connect()
|
||||
|
||||
app.use(async ctx => {
|
||||
ctx.response.type = 'html'
|
||||
|
||||
let id = ctx.request.query.id || 1
|
||||
let sql = `SELECT * FROM "user" WHERE "id" = ${id}`
|
||||
const res = await client.query(sql)
|
||||
|
||||
ctx.body = `<html>
|
||||
<body>
|
||||
<table>
|
||||
<tr><th>id</th><td>${res.rows[0].id}</td></tr>
|
||||
<tr><th>name</th><td>${res.rows[0].name}</td></tr>
|
||||
<tr><th>score</th><td>${res.rows[0].score}</td></tr>
|
||||
</table>
|
||||
</body>
|
||||
</html>`
|
||||
})
|
||||
|
||||
app.listen(3000)
|
||||
Reference in New Issue
Block a user