NoSQL Challenges #328
Comments
|
I remember that one... somehow slipped through... It requires a separate DB running, so probably not possible the easy way with single Dockerfile, right? You built in a way where the additional challenges are only available if you find a running NoSQL DB at an expected URL, right? |
|
The MongoDB now runs in the same Container as the the Applications. The challenge disabling is still in the current implementation, but more a relict of the times where the MongoDB was external. Probably not even really needed when the Database always gets installed with the Application. |
|
Oh, this is awesome news! No |
|
Yup |
|
It'd be great if you could rebase your changes to |
|
Ok i will try that. |
|
Looks there are a few conflicts occuring between your branch and the main repo (no matter if develop or master). It might be easier in the end if you fork freshly and re-apply your changes/enhancements. Sorry for that, but merging might probably be even less fun. |
|
Ok no problem I will do so. |
|
This thread has been automatically locked because it has not had recent activity after it was closed. 🔒 Please open a new issue for regressions or related bugs. |
Hi Guys,
me and a few colleges of mine have wanted to use the JuiceShop to demonstrate NoSQL Injection Attacks. To Do this we have implemented a MongoDB Integration to JuiceShop using a prebuild MongoDB loaded via npm.
The MongoDB is used to store comments for the products. There are 2 challenges regarding NoSQL Injections at the moment.
This was implemented a few Months ago there were some problems with the libraries that should be solved by now.
During OWASP Summit i'd like to update these integration. I dont know if it will be done by the end of it / if it is in a state to get merged by the end of it.
The branch with the current features can be found here:
Feature Branch
I'm always open for feedback on the idea and the features.
Have a good time at the Summit
The text was updated successfully, but these errors were encountered: