Hacker News
by
jononor
2973 days ago
Can someone explain how the injection itself works? I assume it's the require doing the work, but it's not so clear how that loads externally instead of from a path in the filesystem?
2 comments
ekke
2972 days ago
NPM guys explain it in the blog today:
https://news.ycombinator.com/item?id=16975025
jononor
2970 days ago
Corrected URL to blogpost is:
https://blog.npmjs.org/post/173526807575/reported-malicious-...
dylz
2972 days ago
It appears to be middleware that looks at headers, and if a certain condition is met, it'll basically execute
https://nodejs.org/api/vm.html#vm_vm_runinthiscontext_code_o...
against whatever the header has.
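An added example, not part of the thread or of npm's write-up: a line-based review heuristic for the pattern described in the last comment, where a request-header value reaches a dynamic-code sink such as `vm.runInThisContext`. The function name `findHeaderToCodeSinks`, the sample middleware and its header name are constructed for illustration, and the taint tracking is deliberately simple (single-line assignments only).

```javascript
// Dynamic-code sinks: Node's vm module plus the language-level equivalents.
const SINKS = /\b(vm\.runIn(?:This|New)?Context|new\s+vm\.Script|eval|new\s+Function)\s*\(/;
// Common ways Node/Express code reads request headers.
const HEADER_READ = /\b(?:req|request)\.(?:headers\b|get\s*\(|header\s*\()/;
const ASSIGN = /\b(?:const|let|var)\s+([A-Za-z_]\w*)\s*=\s*(.+)$/;

function findHeaderToCodeSinks(source) {
  const tainted = new Set(); // variables derived from request headers
  const usesTaint = (expr) =>
    HEADER_READ.test(expr) ||
    [...tainted].some((v) => new RegExp('\\b' + v + '\\b').test(expr));
  const findings = [];
  source.split('\n').forEach((text, i) => {
    // Propagate taint through simple declarations: const x = <header-derived expr>
    const assign = ASSIGN.exec(text);
    if (assign && usesTaint(assign[2])) tainted.add(assign[1]);
    // Report every sink call; mark it when its arguments are header-derived.
    const sink = SINKS.exec(text);
    if (sink) {
      const args = text.slice(sink.index + sink[0].length);
      findings.push({
        line: i + 1,
        sink: sink[1].replace(/\s+/g, ' '),
        fromHeader: usesTaint(args),
      });
    }
  });
  return findings;
}

// Constructed sample: a middleware of the shape the comment describes.
const SAMPLE = [
  "const vm = require('vm');",
  "module.exports = function (req, res, next) {",
  "  const tag = req.headers['x-constructed-tag'];",
  "  const body = tag ? tag.slice(4) : '';",
  "  if (body) vm.runInThisContext(body);",
  "  const total = vm.runInNewContext('1 + 1');",
  "  next();",
  "};",
].join('\n');

console.log(findHeaderToCodeSinks(SAMPLE));
```

Findings with `fromHeader: true` are the ones to read first when reviewing a dependency; the others are dynamic-code calls whose input the heuristic could not tie to a header.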