PHP WebShell

• .. (вверх)
• [DIR] ..
• [DIR] node_modules
• [FILE] package-lock.json
• [FILE] package.json
• [FILE] server.js

Просмотр файла: server.js

'use strict';

const express = require('express');
const { createProxyMiddleware } = require('http-proxy-middleware');

const app = express();

const BIND = process.env.BIND || '127.0.0.1';
const PORT = parseInt(process.env.PORT || '3091', 10);

const UPSTREAM = process.env.BITGO_UPSTREAM || 'http://127.0.0.1:3090';
const TOKEN = process.env.BITGO_ACCESS_TOKEN || '';

app.use(express.json({ limit: '2mb' }));

app.get('/health', (req, res) => {
  res.json({ ok: true, service: 'bitgo-withdraw-gateway', upstream: UPSTREAM, ts: new Date().toISOString() });
});

function applyAuth(proxyReq) {
  if (TOKEN) proxyReq.setHeader('Authorization', `Bearer ${TOKEN}`);
}

function forwardJsonBody(proxyReq, req) {
  // Only restream body for JSON requests that actually have a body
  if (!req.body || Object.keys(req.body).length === 0) return;

  const bodyData = JSON.stringify(req.body);
  proxyReq.setHeader('Content-Type', 'application/json');
  proxyReq.setHeader('Content-Length', Buffer.byteLength(bodyData));
  proxyReq.write(bodyData);
}

app.use(
  '/api',
  createProxyMiddleware({
    target: UPSTREAM,
    changeOrigin: false,
    secure: false,
    pathRewrite: (path) => path.replace(/^\/api/, ''), // /api/v2/... -> /v2/...
    onProxyReq: (proxyReq, req, res) => {
      applyAuth(proxyReq);
      forwardJsonBody(proxyReq, req);
    },
    onError: (err, req, res) => {
      res.status(502).json({ error: 'Gateway proxy error', message: String(err && err.message ? err.message : err) });
    },
  })
);

app.listen(PORT, BIND, () => {
  console.log(`Gateway listening on http://${BIND}:${PORT}`);
  console.log(`Upstream: ${UPSTREAM}`);
});

Выполнить команду