vulnerability-testbeds's Introduction

vulnerability-testbeds

Bootstrap various intentionally vulnerable web applications using Docker Compose.

Useful for building vulnerability environments for trying out pentesting and security tools.

Apps included

This repository simply curates and compiles various Docker images from the Docker Hub into a Docker Compose file (docker-compose.yml), so that one can easily deploy all of them at once.

Deployment

vulnerability-testbeds is meant to be deployed on a single server. The applications can be served through various methods.

Method 1: Separate virtual hosts

In order to run all of the applications on a single server, you need a frontend proxy to serve each virtual host. This method depends on jwilder/nginx-proxy to do just that.

Configuration

Make sure that you have copied .env-example to .env in the root directory and set the following environment variables:

  • NGINX_PROXY_HOSTNAME: The domain suffix for each virtual host. For example, if the value is vulns.example.com, DVWA will be served on dvwa.vulns.example.com.
  • NGINX_PROXY_NETWORK_NAME: The Docker network to which each application container should be added. jwilder/nginx-proxy should also be added to the same network.

Setup instructions

To set up the proxy, create a Docker network called nginx-proxy, start the container and add it to the network.

# Run the container.
docker run -d \
        --name nginx-proxy \
        -p 80:80 \
        --restart always \
        -v /var/run/docker.sock:/tmp/docker.sock:ro \
        jwilder/nginx-proxy

# Create the network to add the container to.
docker network create nginx-proxy
docker network connect nginx-proxy nginx-proxy

All other containers must belong to the same nginx-proxy network as well, which is specified as an additional Compose file in docker-compose.nginx-proxy.yml. To compose multiple Compose files together, do:

docker-compose -f docker-compose.yml -f docker-compose.nginx-proxy.yml up -d

This will apply the settings to set up each application container in the nginx-proxy network.

Note that jwilder/nginx-proxy is not provided in the Compose file because multiple instances of the container running on the same host will conflict with each other. Hence, you will have to set it up separately as a non-Composed service.

Method 2: Separate ports

An alternative, more typical deployment method is to use a separate port for each application server. This is useful if you don't wish to set up a frontend proxy, or only need a quick local setup.

The default ports are as follows:

Application          Port
app-dvwa             8000
app-juiceshop        8001
app-nowasp           8002
app-securityninjas   8003
app-webgoat          8004
app-xvwa             8005

You can override the port that each service listens on via environment variables in .env, named in the format PORTS_${SERVICE_NAME}, e.g. PORTS_DVWA.

You can then use a frontend NGINX reverse proxy to map them onto port 80 using separate virtual hosts, if you wish.
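
Because these applications are intentionally vulnerable, it is worth confirming which host addresses their published ports are bound to: Docker publishes a port on all interfaces unless a host IP is given. The check below is an added example, not part of this repository; it parses the output of `docker ps --format '{{.Names}}\t{{.Ports}}'` and lists every app-* container port that is bound to a non-loopback address. The sample lines, including the container-side ports, are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag testbed containers whose published ports are reachable
# from outside the host. Feed it the output of:
#   docker ps --format '{{.Names}}\t{{.Ports}}'

# exposed_bindings: read "name<TAB>ports" lines on stdin and print
# "name host_ip:host_port" for every published port on an app-* container
# that is bound to something other than loopback.
exposed_bindings() {
    awk -F '\t' '
    $1 ~ /app-/ {
        n = split($2, maps, /, */)
        for (i = 1; i <= n; i++) {
            # Only published ports contain "->"; a bare "8080/tcp" is unpublished.
            arrow = index(maps[i], "->")
            if (arrow == 0) continue
            host = substr(maps[i], 1, arrow - 1)   # e.g. 0.0.0.0:8000 or :::8000
            # The host port is everything after the last colon.
            port = host
            sub(/.*:/, "", port)
            ip = substr(host, 1, length(host) - length(port) - 1)
            if (ip == "127.0.0.1" || ip == "::1" || ip == "[::1]") continue
            print $1, ip ":" port
        }
    }'
}

# Constructed sample of `docker ps` output (not captured from a real host).
sample_ps_output() {
    printf '%s\t%s\n' \
        'nginx-proxy' '0.0.0.0:80->80/tcp' \
        'vulnerability-testbeds_app-dvwa_1' '0.0.0.0:8000->80/tcp, :::8000->80/tcp' \
        'vulnerability-testbeds_app-juiceshop_1' '127.0.0.1:8001->3000/tcp' \
        'vulnerability-testbeds_app-webgoat_1' '8080/tcp'
}

# Demo run on the sample; on a real host use:
#   docker ps --format '{{.Names}}\t{{.Ports}}' | exposed_bindings
sample_ps_output | exposed_bindings
```

Any line it prints is a vulnerable application listening on an address other hosts may reach; an empty result means every published app-* port is loopback-only or unpublished.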

License

MIT

vulnerability-testbeds's People

Contributors

irvinlim

vulnerability-testbeds's Issues

ERROR: for vulnerability-testbeds_app-xvwa_1

Hi, I followed your installation instructions, but it does not seem to work. What do I need to change?

Creating vulnerability-testbeds_app-securityninjas_1 ... 

ERROR: for vulnerability-testbeds_app-xvwa_1  UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60)

ERROR: for vulnerability-testbeds_app-nowasp_1  UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60)

ERROR: for vulnerability-testbeds_app-webgoat_1  UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60)

ERROR: for vulnerability-testbeds_app-dvwa_1  UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60)

ERROR: for vulnerability-testbeds_app-securityninjas_1  UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60)

ERROR: for vulnerability-testbeds_app-juiceshop_1  UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60)

ERROR: for app-xvwa  UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60)

ERROR: for app-nowasp  UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60)

ERROR: for app-webgoat  UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60)

ERROR: for app-dvwa  UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60)

ERROR: for app-securityninjas  UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60)

ERROR: for app-juiceshop  UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60)
ERROR: An HTTP request took too long to complete. Retry with --verbose to obtain debug information.
If you encounter this issue regularly because of slow network conditions, consider setting COMPOSE_HTTP_TIMEOUT to a higher value (current value: 60).
root@vuln:~# sudo docker container ls
CONTAINER ID        IMAGE                 COMMAND                  CREATED             STATUS              PORTS                NAMES
7095456e9e4f        jwilder/nginx-proxy   "/app/docker-entrypo…"   21 minutes ago      Up About a minute   0.0.0.0:80->80/tcp   nginx-proxy
nmap <lxc-container-with-your-docker-container> -p-
Starting Nmap 7.91 ( https://nmap.org ) at 2021-03-31 06:11 EDT
Nmap scan report for <ip>
Host is up (0.00060s latency).
Not shown: 65533 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
80/tcp open  http

Nmap done: 1 IP address (1 host up) scanned in 2.27 seconds

503 Service Temporarily Unavailable
nginx/1.19.3
