Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/thomasheyenbrock/rent-a-hacker
A sample project to demonstrate possible security issues with Node.js and MongoDB.
https://github.com/thomasheyenbrock/rent-a-hacker
Last synced: 10 days ago
JSON representation
A sample project to demonstrate possible security issues with Node.js and MongoDB.
- Host: GitHub
- URL: https://github.com/thomasheyenbrock/rent-a-hacker
- Owner: thomasheyenbrock
- Created: 2017-07-07T16:54:25.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2020-07-21T15:53:32.000Z (over 4 years ago)
- Last Synced: 2024-10-28T19:51:38.082Z (about 2 months ago)
- Language: JavaScript
- Size: 1.07 MB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# rent-a-hacker
This is a simple web application that shall demonstrate security issues related with Node.js and MongoDB. The goal is not to present known or unknown vulnerabilities. It's more a reminder to programmers to think twice about your code...and to never ever trush user input!
## Installation
This project resides in a Docker container, so to get it up an running you need to have Docker installed on your machine. In case you don't, go to [https://www.docker.com/](https://www.docker.com/) and download the latest version.
Here are all steps for building the Docker image:
```sh
git clone https://github.com/thomasheyenbrock/rent-a-hacker
cd rent-a-hacker
docker build -t rent-a-hacker .
docker run -p 8080:80 -d rent-a-hacker
```
After that you can access the project at [http://localhost:8080](http://localhost:8080). You can of course use another port than `8080` on your local machine.
## Challenge
The goal is to capture the flag by executing `/usr/bin/get_flag` on the web-server.
There will be comming a description of how to solve this challenge soon.