|
| 1 | +Vulnerable Node |
| 2 | +=============== |
| 3 | + |
| 4 | + |
| 5 | +.. figure:: https://raw.githubusercontent.com/cr0hn/vulnerable-node/master/logo/logo.png |
| 6 | + :align: left |
| 7 | + |
| 8 | +*Vulnerable Node: A very vulnerable web site written in NodeJS* |
| 9 | + |
| 10 | +:Codename: PsEA |
| 11 | +:Version: 1.0 |
| 12 | +:Code: https://github.com/cr0hn/vulnerable-node |
| 13 | +:Issues: https://github.com/cr0hn/vulnerable-node/issues/ |
| 14 | +:Author: Daniel Garcia (cr0hn) - @ggdaniel |
| 15 | + |
| 16 | +# What's this project? |
| 17 | + |
| 18 | +The goal of this project is to be a project with really vulnerable code in NodeJS, not simulated. |
| 19 | + |
| 20 | +## Why? |
| 21 | + |
| 22 | +Similar project, like OWASP Node Goat, are pretty and useful for learning process, but not for a real researcher or studding vulnerabilities in source code. |
| 23 | + |
| 24 | +This project was created with the **purpose of have a project with identified vulnerabilities in source code with the finality of can measure the quality of security analyzers tools**. |
| 25 | + |
| 26 | +Although not its main objective, this project also can be useful for: |
| 27 | + |
| 28 | +- Pentesting training. |
| 29 | +- Teaching: learn how NOT programming in NodeJS. |
| 30 | + |
| 31 | +The purpose of project is to provide a real app to test the quality of security source code analyzers in white box processing. |
| 32 | + |
| 33 | +## How? |
| 34 | + |
| 35 | +This project simulates a real (and very little) shop site that has identifiable sources points of common vulnerabilities. |
| 36 | + |
| 37 | +## Installation |
| 38 | + |
| 39 | +The most simple way to run the project is using docker-compose, doing this: |
| 40 | + |
| 41 | +.. code-block: bash |
| 42 | +
|
| 43 | + # docker-compose build && docker-compose up |
| 44 | + Building postgres_db |
| 45 | + Step 1 : FROM library/postgres |
| 46 | + ---> 247a11721cbd |
| 47 | + Step 2 : MAINTAINER "Daniel Garcia aka (cr0hn)" <[email protected]> |
| 48 | + ---> Using cache |
| 49 | + ---> d67c05e9e2d5 |
| 50 | + Step 3 : ADD init.sql /docker-entrypoint-initdb.d/ |
| 51 | + .... |
| 52 | +
|
| 53 | +# Vulnerabilities |
| 54 | + |
| 55 | +## Vulnerability list: |
| 56 | + |
| 57 | +This project has the most common vulnerabilities of `OWASP Top 10 <https://www.owasp.org/index.php/Top_10_2013-Top_10>`: |
| 58 | + |
| 59 | +- A1 - Injection |
| 60 | +- A2 - Broken Authentication and Session Management |
| 61 | +- A3 - Cross-Site Scripting (XSS) |
| 62 | +- A4 - Insecure Direct Object References |
| 63 | +- A5 - Security Misconfiguration |
| 64 | +- A6 - Sensitive Data Exposure |
| 65 | +- A8 - Cross-Site Request Forgery (CSRF) |
| 66 | +- A10 - Unvalidated Redirects and Forwards |
| 67 | + |
| 68 | +## Vulnerability code location |
| 69 | + |
| 70 | +The exactly code location of each vulnerability is pending to write |
| 71 | + |
| 72 | +# References |
| 73 | + |
| 74 | +I took ideas and how to explode it in NodeJS using these references: |
| 75 | + |
| 76 | +- https://blog.risingstack.com/node-js-security-checklist/ |
| 77 | +- https://github.com/substack/safe-regex |
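Review bot: the directive on line 41, `.. code-block: bash`, has a single colon, so a reStructuredText parser reads it as a comment and the docker-compose transcript indented under it disappears from the rendered page; it should be `.. code-block:: bash`. The file also mixes markup: line 2 uses an RST title underline and line 5 an RST `.. figure::` directive, but the headings from line 16 onward (`# What's this project?`, `## Why?`, `# Vulnerabilities`, ...) are Markdown and will render as literal paragraphs in RST, so they need RST underlines. The link on line 57 lacks the trailing underscore after the closing backtick, so it renders as interpreted text rather than a hyperlink. Finally, line 24 states the purpose is to measure security analyzers against identified vulnerabilities, yet the "Vulnerability code location" section at line 70 is still pending; without a file and route per listed OWASP item there is no ground truth to score a tool against, so that mapping is worth adding before the README advertises version 1.0.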