A vulnerable application made using node.js, express server and ejs template engine. This application is meant for educational purposes only.
git clone https://github.com/4auvar/VulnNodeApp.git
npm install
Install and configure latest mysql version and start the mysql service/deamon
Login with root user in mysql and run below sql script:
CREATE USER ‘vulnnodeapp’@‘localhost’ IDENTIFIED BY ‘password’;
create database vuln_node_app_db;
GRANT ALL PRIVILEGES ON vuln_node_app_db.* TO ‘vulnnodeapp’@‘localhost’;
USE vuln_node_app_db;
create table users (id int AUTO_INCREMENT PRIMARY KEY, fullname varchar(255), username varchar(255),password varchar(255), email varchar(255), phone varchar(255), profilepic varchar(255));
insert into users(fullname,username,password,email,phone) values(“test1",“test1”,“test1”,"[email protected]”,“976543210”);
insert into users(fullname,username,password,email,phone) values(“test2",“test2”,“test2”,"[email protected]”,“9887987541”);
insert into users(fullname,username,password,email,phone) values(“test3",“test3”,“test3”,"[email protected]”,“9876987611”);
insert into users(fullname,username,password,email,phone) values(“test4",“test4”,“test4”,"[email protected]”,“9123459876”);
insert into users(fullname,username,password,email,phone) values(“test5”,“test5”,“test 5","[email protected]”,“7893451230”);
npm start
You can reach me out at @4auvar