✨ add vulnerbale node app

Author: w3cj

sql-injection/README.md

@@ -0,0 +1,20 @@
+# SQL Injection
+
+* Notes from Try Hack Me:
+  * https://tryhackme.com/room/sqlilab
+
+* Prerequisites
+  * Basics of the SQL language
+* What is it?
+  * Vulnerability in backend codes that allows an attacker to "inject" their own queries into an existing query
+* How to prevent it?
+  * Escape / prepare your queries
+    * Use a library / ORM
+      * These typically automatically escape your queries
+  * Run your queries with the minimum needed permissions
+  * Use Stored Procedures
+    * Functions in your database
+    * You'll be using ? to reference params / args
+
+  
+

sql-injection/vulnerable-node-app/.env.sample

@@ -0,0 +1 @@
+NODE_ENV=development

sql-injection/vulnerable-node-app/.eslintrc

@@ -0,0 +1,37 @@
+{
+  "root": true,
+  "env": {
+    "jest": true
+  },
+  "parser": "@typescript-eslint/parser",
+  "parserOptions": {
+    "project": [
+      "./tsconfig.json"
+    ]
+  },
+  "extends": "airbnb-typescript/base",
+  "plugins": [
+    "import",
+    "@typescript-eslint"
+  ],
+  "rules": {
+    "comma-dangle": 0,
+    "no-underscore-dangle": 0,
+    "no-param-reassign": 0,
+    "no-return-assign": 0,
+    "camelcase": 0,
+    "import/extensions": 0,
+    "@typescript-eslint/no-redeclare": 0
+  },
+  "settings": {
+    "import/parsers": {
+      "@typescript-eslint/parser": [
+        ".ts",
+        ".tsx"
+      ]
+    },
+    "import/resolver": {
+      "typescript": {}
+    }
+  }
+}

sql-injection/vulnerable-node-app/.gitignore

@@ -0,0 +1,77 @@
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Directory for instrumented libs generated by jscoverage/JSCover
+lib-cov
+
+# Coverage directory used by tools like istanbul
+coverage
+
+# nyc test coverage
+.nyc_output
+
+# Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files)
+.grunt
+
+# Bower dependency directory (https://bower.io/)
+bower_components
+
+# node-waf configuration
+.lock-wscript
+
+# Compiled binary addons (https://nodejs.org/api/addons.html)
+build/Release
+
+# Dependency directories
+node_modules/
+jspm_packages/
+
+# TypeScript v1 declaration files
+typings/
+
+# Optional npm cache directory
+.npm
+
+# Optional eslint cache
+.eslintcache
+
+# Optional REPL history
+.node_repl_history
+
+# Output of 'npm pack'
+*.tgz
+
+# Yarn Integrity file
+.yarn-integrity
+
+# dotenv environment variables file
+.env
+
+# parcel-bundler cache (https://parceljs.org/)
+.cache
+
+# next.js build output
+.next
+
+# nuxt.js build output
+.nuxt
+
+# vuepress build output
+.vuepress/dist
+
+# Serverless directories
+.serverless
+
+dist
+
+dev.sqlite3

sql-injection/vulnerable-node-app/LICENSE

@@ -0,0 +1,21 @@
+MIT License Copyright (c) 2020 CJ R.
+
+Permission is hereby granted, free
+of charge, to any person obtaining a copy of this software and associated
+documentation files (the "Software"), to deal in the Software without
+restriction, including without limitation the rights to use, copy, modify, merge,
+publish, distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to the
+following conditions:
+
+The above copyright notice and this permission notice
+(including the next paragraph) shall be included in all copies or substantial
+portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF
+ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO
+EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

sql-injection/vulnerable-node-app/README.md

@@ -0,0 +1,59 @@
+# Express API Starter with Typescript
+
+How to use this template:
+
+```sh
+npx create-express-api --typescript --directory my-api-name
+```
+
+Includes API Server utilities:
+
+* [morgan](https://www.npmjs.com/package/morgan)
+  * HTTP request logger middleware for node.js
+* [helmet](https://www.npmjs.com/package/helmet)
+  * Helmet helps you secure your Express apps by setting various HTTP headers. It's not a silver bullet, but it can help!
+* [dotenv](https://www.npmjs.com/package/dotenv)
+  * Dotenv is a zero-dependency module that loads environment variables from a `.env` file into `process.env`
+* [cors](https://www.npmjs.com/package/cors)
+  * CORS is a node.js package for providing a Connect/Express middleware that can be used to enable CORS with various options.
+
+Development utilities:
+
+* [typescript](https://www.npmjs.com/package/typescript)
+  * TypeScript is a language for application-scale JavaScript.
+* [ts-node](https://www.npmjs.com/package/ts-node)
+  * TypeScript execution and REPL for node.js, with source map and native ESM support.
+* [nodemon](https://www.npmjs.com/package/nodemon)
+  * nodemon is a tool that helps develop node.js based applications by automatically restarting the node application when file changes in the directory are detected.
+* [eslint](https://www.npmjs.com/package/eslint)
+  * ESLint is a tool for identifying and reporting on patterns found in ECMAScript/JavaScript code.
+* [typescript-eslint](https://typescript-eslint.io/)
+  * Tooling which enables ESLint to support TypeScript.
+* [jest](https://www.npmjs.com/package/jest)
+  * Jest is a delightful JavaScript Testing Framework with a focus on simplicity.
+* [supertest](https://www.npmjs.com/package/supertest)
+  * HTTP assertions made easy via superagent.
+
+## Setup
+
+```
+npm install
+```
+
+## Lint
+
+```
+npm run lint
+```
+
+## Test
+
+```
+npm run test
+```
+
+## Development
+
+```
+npm run dev
+```

sql-injection/vulnerable-node-app/jest.config.js

@@ -0,0 +1,6 @@
+/** @type {import('ts-jest/dist/types').InitialOptionsTsJest} */
+module.exports = {
+  preset: 'ts-jest',
+  testEnvironment: 'node',
+  modulePathIgnorePatterns: ['<rootDir>/dist/'],
+};

sql-injection/vulnerable-node-app/knexfile.ts

@@ -0,0 +1,13 @@
+import type { Knex } from 'knex';
+
+export const config: { [key: string]: Knex.Config } = {
+  development: {
+    debug: true,
+    client: 'sqlite3',
+    connection: {
+      filename: './dev.sqlite3',
+    },
+  },
+};
+
+export default config;

sql-injection/vulnerable-node-app/migrations/20240117191732_user.ts

@@ -0,0 +1,18 @@
+import type { Knex } from 'knex';
+
+
+export async function up(knex: Knex): Promise<void> {
+  return knex.schema
+    .createTable('users', (table) => {
+      table.increments('id');
+      table.string('username');
+      table.string('email');
+    });
+}
+
+
+export async function down(knex: Knex): Promise<void> {
+  return knex.schema
+    .dropTable('users');
+}
+