59 lines
1.3 KiB
JavaScript
59 lines
1.3 KiB
JavaScript
const express = require('express');
|
|
const mysql = require('mysql2');
|
|
const cors = require('cors');
|
|
const { exec } = require('child_process');
|
|
const app = express();
|
|
|
|
const db = require('./db');
|
|
|
|
app.use(cors());
|
|
app.use(express.json());
|
|
|
|
app.post('/api/login', (req, res) => {
|
|
const { username, password } = req.body;
|
|
|
|
// 🚨 INTENTIONALLY VULNERABLE TO SQLi
|
|
const query = `SELECT * FROM users WHERE username = '${username}' AND password = '${password}'`;
|
|
|
|
db.query(query, (err, results) => {
|
|
if (err) {
|
|
return res.status(500).json({
|
|
message: 'Error',
|
|
query: query
|
|
});
|
|
}
|
|
if (results.length > 0) {
|
|
res.json({
|
|
message: 'Login successful',
|
|
query: query
|
|
});
|
|
} else {
|
|
res.status(401).json({
|
|
message: 'Invalid credentials',
|
|
query: query
|
|
});
|
|
}
|
|
});
|
|
});
|
|
|
|
app.post('/api/ping', (req, res) => {
|
|
const { ip } = req.body;
|
|
|
|
// 🚨 INTENTIONALLY VULNERABLE TO COMMAND INJECTION
|
|
const command = `ping -c 4 ${ip}`;
|
|
exec(command, (err, stdout, stderr) => {
|
|
if (err) {
|
|
return res.status(500).json({
|
|
output: stderr,
|
|
command: command
|
|
});
|
|
}
|
|
res.json({
|
|
output: stdout,
|
|
command: command
|
|
});
|
|
});
|
|
});
|
|
|
|
app.listen(5000, () => console.log('Backend running on port 5000'));
|