{"id":240,"date":"2018-03-16T17:43:55","date_gmt":"2018-03-16T17:43:55","guid":{"rendered":"http:\/\/malwrforensics.com\/en\/?p=240"},"modified":"2018-03-16T19:44:29","modified_gmt":"2018-03-16T19:44:29","slug":"step-by-step-environment-setup-for-extreme-vulnerable-node-application-xvna-security-testing","status":"publish","type":"post","link":"https:\/\/malwrforensics.com\/en\/2018\/03\/16\/step-by-step-environment-setup-for-extreme-vulnerable-node-application-xvna-security-testing\/","title":{"rendered":"Step by step environment setup for Extreme Vulnerable Node Application (XVNA) security testing"},"content":{"rendered":"

Here is a detailed step by step tutorial on how to have everything ready if you want to test XVNA<\/a> (Extreme Vulnerable Node Application).<\/p>\n

Base OS: Ubuntu 16.04<\/p>\n

First, we need to install mongodb<\/strong>, nodejs<\/strong> and git<\/strong>:<\/p>\n

apt-get install monodb\r\n\r\napt-get install nodejs\r\n\r\napt-get install git<\/pre>\n
We then clone the XVNA’s repository:<\/p>\n
git clone\u00a0https:\/\/github.com\/vegabird\/xvna.git<\/pre>\n
Once everything is installed, we have to prepare a few things.<\/p>\n
First, we need to create the xvna database in mongodb. The syntax is use <database name><\/strong><\/p>\n
\"\"<\/p>\n
Second we need to import the json files from XVNA’s collection folder:<\/p>\n
\"\"<\/p>\n
We need to import all the json files:<\/p>\n
cd xvna\/collection\r\n\r\nmongoimport --db xvna --file .\/a5_insecure_dor.json --jsonArray\r\n\r\nmongoimport --db xvna --file .\/cart.json --jsonArray\r\n\r\nmongoimport --db xvna --file .\/login.json --jsonArray\r\n\r\nmongoimport --db xvna --file .\/users.json --jsonArray<\/pre>\n
And that should be it, now let’s do a quick check and see if the xvna database appears in mongo (if the import failed and database is empty, it won’t be listed).<\/p>\n
\"\"<\/p>\n
And let’s open the browser and see if the XVNA webpage shows up.<\/p>\n
\"\"<\/p>\n
By default, the app will run on port 3000. If you want to change it to port 80, you’ll need to edit index.js<\/em>.<\/p>\n
Search for app.listen<\/em> and change the port from 3000 to 80. Here is how it should look:<\/p>\n
\"\"<\/p>\n
If you don’t know the default login details, check login.json (from the collections folder).<\/p>\n
\"\"<\/p>\n
Enjoy!<\/p>\n","protected":false},"excerpt":{"rendered":"
Here is a detailed step by step tutorial on how to have everything ready if you want to test XVNA (Extreme Vulnerable Node Application). Base OS: Ubuntu 16.04 First, we need to install mongodb, nodejs and git: apt-get install monodb apt-get install nodejs apt-get install git We then clone the XVNA’s repository: git clone\u00a0https:\/\/github.com\/vegabird\/xvna.git Once […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[71,11,69,70,68,15,67,66],"class_list":["post-240","post","type-post","status-publish","format-standard","hentry","category-security","tag-json","tag-linux","tag-mongo","tag-mongodb","tag-nodejs","tag-ubuntu","tag-vulnerable-node-application","tag-xvna"],"blocksy_meta":{"styles_descriptor":{"styles":{"desktop":"","tablet":"","mobile":""},"google_fonts":[]}},"featured_image_urls_v2":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":""},"post_excerpt_stackable_v2":"
Here is a detailed step by step tutorial on how to have everything ready if you want to test XVNA (Extreme Vulnerable Node Application). Base OS: Ubuntu 16.04 First, we need to install mongodb, nodejs and git: apt-get install monodb apt-get install nodejs apt-get install git We then clone the XVNA’s repository: git clone\u00a0https:\/\/github.com\/vegabird\/xvna.git Once everything is installed, we have to prepare a few things. First, we need to create the xvna database in mongodb. The syntax is use <database name> Second we need to import the json files from XVNA’s collection folder: We need to import all the json…<\/p>\n","category_list_v2":"Security<\/a>","author_info_v2":{"name":"malwrforensics","url":"https:\/\/malwrforensics.com\/en\/author\/u_malwrforensics\/"},"comments_num_v2":"0 comments","_links":{"self":[{"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/posts\/240","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/comments?post=240"}],"version-history":[{"count":4,"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/posts\/240\/revisions"}],"predecessor-version":[{"id":250,"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/posts\/240\/revisions\/250"}],"wp:attachment":[{"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/media?parent=240"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/categories?post=240"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/tags?post=240"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}