Skip to content

Instantly share code, notes, and snippets.

@jkiyo

jkiyo/index.ts Secret

Last active November 6, 2021 22:37
Show Gist options
  • Save jkiyo/735c7f363d469d777be0d5767e9c9042 to your computer and use it in GitHub Desktop.
Save jkiyo/735c7f363d469d777be0d5767e9c9042 to your computer and use it in GitHub Desktop.
Download ZIP
CVE-2019-18413
Raw
index.ts
import "reflect-metadata";
import { IsEmail } from "class-validator";
import { Post, Body, JsonController, createExpressServer } from "routing-controllers";
class Test {
@IsEmail()
public email!: string;
}
@JsonController()
class TestController {
@Post("/test")
public test(@Body() body: Test) {
console.log(body);
return "Ok";
}
}
const app = createExpressServer({
controllers: [TestController],
});
app.listen(3000);
Raw
package.json
{
"name": "cve-2019-18413",
"version": "1.0.0",
"main": "index.ts",
"scripts": {
"start": "ts-node index.ts",
"test": "curl -H 'Content-Type: application/json' localhost:3000/test -d @test.json"
},
"dependencies": {
"class-transformer": "0.3.1",
"class-validator": "0.12.2",
"reflect-metadata": "^0.1.13",
"routing-controllers": "^0.9.0",
"tslib": "^2.3.1"
},
"devDependencies": {
"@types/node": "^16.11.6",
"ts-node": "^10.4.0",
"typescript": "^4.4.4"
}
}
Raw
test.json
{
"email": "bbbb",
"__proto__": {}
}
Raw
tsconfig.json
{
"$schema": "https://json.schemastore.org/tsconfig",
"compilerOptions": {
"lib": ["es2019", "es2020.promise", "es2020.bigint", "es2020.string"],
"module": "commonjs",
"target": "es2019",
"strict": true,
"esModuleInterop": true,
"emitDecoratorMetadata": true,
"experimentalDecorators": true
}
}
@jkiyo
Copy link
Author

jkiyo commented Nov 6, 2021
edited
Loading

❯ npm test

[email protected] test /home/jkiyo/Dev/trash/cve/CVE-2019-18413
curl -H 'Content-Type: application/json' localhost:3000/test -d @test.json

{"name":"BadRequestError","message":"Invalid body, check 'errors' property for more info.","stack":"Error\n at new HttpError (/home/jkiyo/Dev/trash/cve/CVE-2019-18413/node_modules/src/http-error/HttpError.ts:16:18)\n at new BadRequestError (/home/jkiyo/Dev/trash/cve/CVE-2019-18413/node_modules/src/http-error/BadRequestError.ts:10:5)\n at /home/jkiyo/Dev/trash/cve/CVE-2019-18413/node_modules/src/ActionParameterHandler.ts:233:30\n at processTicksAndRejections (node:internal/process/task_queues:96:5)\n at async ActionParameterHandler.normalizeParamValue (/home/jkiyo/Dev/trash/cve/CVE-2019-18413/node_modules/src/ActionParameterHandler.ts:141:15)\n at async Promise.all (index 0)","errors":[{"target":{"email":"bbbb"},"value":"bbbb","property":"email","children":[],"constraints":{"isEmail":"email must be an email"}}]}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment