Skip to content

DotDotSlashRepo/vulnrestdocker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
bin
bin
 
 
config
config
 
 
data
data
 
 
images
images
 
 
logs
logs
 
 
postman
postman
 
 
www
www
 
 
.env
.env
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 
sample.env
sample.env
 
 

Repository files navigation

Vulnerable PHP REST Webservice built with Docker Compose

Landing Page

A basic Shopping application in LAMP stack environment built using Docker Compose. Application is configured to have vulnerabilities including:

  • SQL Injection
  • Cross Site Scripting
  • CORS Misconfiguration

Installation

Clone this repository on your local computer. Run the docker-compose up -d.

git clone https://github.com/DotDotSlashRepo/vulnrestdocker.git
cd vulnrestdocker/
cp sample.env .env
docker-compose up -d

Vulnerable webservice should be up and running now!! You can access it via http://localhost:8082. Note: Visit http://localhost:8082/db_operations/setup_database.php to initialize the database.

Testing the API

For testing the API end points you may use either of below:

  • Postman collection and environment variable in postman folder
  • Using the API test page

Credits

TODO

  • Add JWT support
  • Add SSRF vulnerability
  • Add list of APIs in this documentation. For now please refer the postman collection for endpoints.

About

Vulnerable REST based PHP webservice deployed in Docker

Topics

php rest-api vulnerable-container vulnerable-web-app intentionally-vulnerable

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages