Resources
People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!
A content delivery network (CDN) serves large amounts of data from many different geographical locations. So, compromising a CDN is a huge deal!
When an NPM URL is requested, the CDN checks whether the package has already been downloaded. If not, it downloads the package directly from NPM.
However, there are a few issues with the implementation. To start with, the library used for opening the files keeps symbolic links. This gives you an arbitrary file read on the CDN.
To get an arbitrary write, point a symlink to a file that has already been extracted. This would not work against a mature implementation of tar, but it worked here.
The attack also worked with hardlinks.
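The check the extraction step was missing can be sketched as follows. This is an added example, not code from the original write-up or from the CDN: the function names, the destination path and the sample archive are all constructed for illustration. It inspects a package tarball before anything is written and flags symlinks, hardlinks, special files and paths that leave the destination directory.

```python
import io
import posixpath
import tarfile


def unsafe_members(archive_bytes, dest="/srv/cdn/pkg"):
    """Return (name, reason) for every entry that must not be extracted.

    dest is a hypothetical extraction root; nothing is written to disk.
    """
    dest = posixpath.normpath(dest)
    findings = []
    with tarfile.open(fileobj=io.BytesIO(archive_bytes)) as tar:
        for m in tar:
            # Tar member names use "/" separators; resolve against dest.
            target = posixpath.normpath(posixpath.join(dest, m.name))
            if target != dest and not target.startswith(dest + "/"):
                findings.append((m.name, "path escapes destination"))
            elif m.issym():
                findings.append((m.name, "symlink -> " + m.linkname))
            elif m.islnk():
                findings.append((m.name, "hardlink -> " + m.linkname))
            elif not (m.isfile() or m.isdir()):
                findings.append((m.name, "special file"))
    return findings


def build_sample():
    """Constructed sample: one regular file, one symlink, one hardlink."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        data = b"console.log('hi');\n"
        info = tarfile.TarInfo("package/index.js")
        info.size = len(data)
        tar.addfile(info, io.BytesIO(data))

        sym = tarfile.TarInfo("package/readme.txt")
        sym.type = tarfile.SYMTYPE
        sym.linkname = "/constructed/outside/file"
        tar.addfile(sym)

        hard = tarfile.TarInfo("package/copy.js")
        hard.type = tarfile.LNKTYPE
        hard.linkname = "package/index.js"
        tar.addfile(hard)
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in unsafe_members(build_sample()):
        print(f"REJECT {name}: {reason}")
```

A service that mirrors third-party packages can refuse the whole archive when this list is non-empty, since a published package has no need for link entries to be served as static files.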