The WebServer ist powerd by Node.js. It gives some basic tipps and examples for every CTF-Level.
The levels with the WebServer are desinged in a way that they have vulnerabilities on purpose.
Make sure you have these installed on your machine
- Node.js - The backend framework
- MongoDB - Non-SQL Database platform
- npm - This comes with Node.js, but make sure you check if you have it anyway
- mariadb - SQL Database platform
- A lot of npm packages. Look at the package.json
Run these commands inside the NodeJSServer folder:
npm installnpm startNote: This can be automated by calling:
sudo python3 Tools/deployCTF.py- SHA-Header: https://github.com/okdshin/PicoSHA2
- Postman: https://www.getpostman.com/about-postman
- Wireshark: https://www.wireshark.org/
- nmap: https://nmap.org/
- Debian: https://www.debian.org/index.de.html
- Henrik Gerdes - Initial work - Beeblebrox CTF
- Template by Antonio Erdeljac - Passport-Tutorial
- Passord/Userlist: Weakpass
- CSS Login: CodingShiksha
- CSS LevelPage: W3-Schools
- hack_this.jpg pixabay