n8n Authenticated RCE via Arbitrary File Write

This repository is a minimal malicious n8n custom node package consisting of two files: package.json and dist/Rce.node.js. The package metadata registers dist/Rce.node.js as an n8n node and describes it as a lab package for reproducing CVE-2026-21877 in n8n 1.121.2. The actual exploit logic is not in the node's execute() method; instead, it runs immediately at module load time via child_process.exec(). That command launches a Unix reverse shell using mkfifo, /bin/sh, and nc, connecting to 0.tcp.ap.ngrok.io on TCP port 16113. This means simply importing/loading the node is sufficient to trigger code execution. Structurally, the exported Rce class mostly serves as a benign-looking wrapper with n8n node metadata, while the top-level exec() call is the malicious capability. The exploit is therefore an operational malicious package/plugin intended to achieve remote shell access through supply-chain style loading of a custom node in an n8n/Node.js environment.

This repository is a self-contained lab and exploit for an n8n-to-Flask command injection chain labeled as CVE-2026-21877. The main exploit file, `CVE-2026-21877_exploit.py`, is a Python interactive shell client that sends POST requests to an n8n webhook on port 5678. It supports both test mode (`/webhook-test/renad-secure-gate`) and production mode (`/webhook/renad-secure-gate`), and injects attacker-controlled shell commands by placing `; <cmd>` into the JSON `address` field. The repository structure shows the full vulnerable environment rather than just a standalone exploit. `network_monitor.py` is the actual vulnerable Flask service: it accepts a `target` parameter and executes `ping -c 2 {target}` using `subprocess.check_output(..., shell=True)`, making it trivially vulnerable to command injection. `n8n_workflow_cve.json` defines the n8n workflow that exposes the webhook path `renad-secure-gate`, forwards the incoming `address` value as `target` to `http://net-monitor:5000/`, and returns the backend response. `docker-compose.yml` orchestrates both the `n8n-renad` container and the `net-monitor` container, exposing ports 5678 and 5000. The `Dockerfile` builds the vulnerable Flask container and places a demonstration flag at `/root/flag.txt`. Exploit capability is remote command execution against the backend service reachable through the n8n webhook. The exploit attempts to extract command output from HTML `<pre>` tags in the response and provides an interactive prompt for repeated command execution. This is not a detection script; it is a working exploit for a deliberately vulnerable lab setup. The payload is basic and hardcoded, so the maturity is best classified as OPERATIONAL rather than weaponized.