tidy

2025-01-16 03:18:48 +08:00 · 2025-01-16 03:18:48 +08:00 · 4f984a46f8
parent 22f312cbb9
commit 4f984a46f8
9 changed files with 47 additions and 27 deletions
--- a/.gitignore
+++ b/.gitignore
@ -15,4 +15,7 @@
 # src-tauri
 **/target/
-**/gen/schemas
+**/gen/schemas
 # server
 server/server
--- a/README.md
+++ b/README.md
@ -1,21 +1,12 @@
-# cspj application
+# CSPJ Application
-## attacks
+## Services
-1. sql injection
+- 3331: Apache + ModSecurity
-2. xss
+- 3332: Suricata
-3. command injection
+- 3333: Backend server
-4. file inclusion attacks
+- 3334: Python backend server
-5. csrf
+- 3335: PostgreSQL
 6. directory traversal
 7. insecure deserialization
 8. session hijacking
 9. xml external entity injection
 10. sever side request forgery
 11. broken authentication and session management
 12. clickjacking
 ## backend
 backend-for-frontend server
@ -41,7 +32,8 @@ PGPASSWORD=asdfpassword
 ### SQL Injection
-Use `' OR 1=1; --`
+Use `' OR 1=1; --`  
 Use `tohyouxuan@gmail.com' UNION SELECT id, email, password FROM users WHERE email = 'tohyouxuan@gmail.com'; --`
 - `/unsecure-register-sql`
 - `/secure-register-sql`
@ -52,3 +44,12 @@ Use `' OR 1=1; --`
 Used `pool.Query()` with a parameterized query, instead of dynamically constructing the SQL query by directly inserting the user input.  
 Parameterized queries separate the SQL code from the data, so user input is never directly put into the query's structure. Placeholders are used instead, and the data is passed as parameters. The DB will treat them as data, not executable code.
 ## ZAP
 Content-Type: application/json
 {
 "email": "tohyouxuan@gmail.com",
 "password": "testpassword"
 }
--- a/client/src/components/Testing/Testing.tsx
+++ b/client/src/components/Testing/Testing.tsx
@ -1,7 +1,9 @@
 import { BugReportOutlined } from "@mui/icons-material";
 import { Box, Button, IconButton, useTheme } from "@mui/material";
 import { fetch } from "@tauri-apps/plugin-http";
 import { useAtom } from "jotai";
 import { useState } from "react";
 import { serverUrlAtom } from "../../lib/jotai";
 import { defaultSettings } from "../../lib/settings";
 import { FloatingDialog } from "../Generic/FloatingDialog";
@ -9,6 +11,9 @@ export const Testing = () => {
  // contexts
  const theme = useTheme();
  // atoms
  const [serverUrl, setServerUrl] = useAtom(serverUrlAtom);
  // states
  const [openState, setOpenState] = useState(false);
  const [maximisedState, setMaximisedState] = useState(false);
@ -17,10 +22,10 @@ export const Testing = () => {
  const close = () => setOpenState(false);
  const testing = () => {
-    fetch("http://localhost:5000/nuke-db").then((response) => {
+    fetch(serverUrl + "/nuke-db").then((response) => {
      console.log(response);
    });
-    fetch("http://localhost:5000/setup-demo-db").then((response) => {
+    fetch(serverUrl + "/setup-demo-db").then((response) => {
      console.log(response);
    });
  };
--- a/docker/modsecurity/docker-compose.yml
+++ b/docker/modsecurity/docker-compose.yml
@ -4,13 +4,13 @@ services:
    container_name: modsecurity
    restart: always
    ports:
-      - "8080:8080"
+      - "3331:3331"
    extra_hosts:
      - "host.docker.internal:host-gateway"
    environment:
-      BACKEND: "http://host.docker.internal:5000"
+      BACKEND: "http://host.docker.internal:3333" # TODO: CHANGE THIS TO SURICATA'S PORT COS INLINE
      SERVER_NAME: "localhost"
-      PORT: "8080"
+      PORT: "3331"
    networks:
      - modsec-network
--- a/docker/postgres/docker-compose.yml
+++ b/docker/postgres/docker-compose.yml
@ -7,7 +7,7 @@ services:
      POSTGRES_PASSWORD: asdfpassword
      POSTGRES_DB: asdfdb
    ports:
-      - "5432:5432"
+      - "3335:5432"
    volumes:
      - postgres_data:/var/lib/postgresql/data
 volumes:
--- a/docker/zaproxy/run.sh
+++ b/docker/zaproxy/run.sh
@ -0,0 +1 @@
 docker run -v $(pwd):/zap/wrk/:rw -t zaproxy/zap-stable zap.sh -cmd -autorun /zap/wrk/zap.yaml
--- a/docker/zaproxy/zap.yaml
+++ b/docker/zaproxy/zap.yaml
@ -0,0 +1,10 @@
 jobs:
  - type: spider
    parameters:
      context: "Default Context"
      url: "http://localhost:5000/unsafe-login"
      maxDuration: 2
  - type: activeScan
    parameters:
      context: "Default Context"
      policy: "SQL Injection"
--- a/server/internal/db/db.go
+++ b/server/internal/db/db.go
@ -14,7 +14,7 @@ import (
 // !MIGHT CHANGE
 const (
 	host     = "localhost"
-	port     = 5432
+	port     = 3335
 	user     = "asdfuser"
 	password = "asdfpassword"
 	dbname   = "asdfdb"
--- a/server/internal/http_server/http_server.go
+++ b/server/internal/http_server/http_server.go
@ -26,8 +26,8 @@ func ServeApi() {
 	http.HandleFunc("/unsecure-login-sql", sql_injection.UnsecureLoginSql)
 	http.HandleFunc("/secure-login-sql", sql_injection.SecureLoginSql)
-	log.Println("Server is running on http://localhost:5000")
+	log.Println("Server is running on http://localhost:3333")
-	if err := http.ListenAndServe(":5000", nil); err != nil {
+	if err := http.ListenAndServe(":3333", nil); err != nil {
 		log.Fatalf("Failed to start server: %v", err)
 	}
 }
		`@ -0,0 +1 @@`
							`docker run -v $(pwd):/zap/wrk/:rw -t zaproxy/zap-stable zap.sh -cmd -autorun /zap/wrk/zap.yaml`