AikidoSec · willem-delbare · Jul 25, 2024 · Jul 24, 2024 · Jul 25, 2024 · Jul 25, 2024
diff --git a/sample-apps/flask-mongo/.env.example b/sample-apps/flask-mongo/.env.example
@@ -0,0 +1 @@
+AIKIDO_DEBUG=true
diff --git a/sample-apps/flask-mongo/Dockerfile b/sample-apps/flask-mongo/Dockerfile
@@ -0,0 +1,21 @@
+# Use an official Python runtime as a parent image
+FROM python:3
+
+#Copy code base
+COPY ./ /tmp
+
+# Set the working directory
+WORKDIR /app
+
+# Install dependencies
+RUN mv /tmp/sample-apps/flask-mongo/requirements.txt ./
+RUN pip install -r requirements.txt
+
+# Build and install aikido_firewall from source
+WORKDIR /tmp
+RUN pip install poetry
+RUN make build
+RUN pip install ./dist/aikido_firewall-0.1.0.tar.gz
+RUN pip list
+
+WORKDIR /app
diff --git a/sample-apps/flask-mongo/README.md b/sample-apps/flask-mongo/README.md
@@ -0,0 +1,9 @@
+# Flask Sample app w/ MongoDB
+Run (with docker-compose installed) :
+```bash
+docker-compose up --build
+```
+
+- You'll be able to access the Flask Server at : [localhost:8080](http://localhost:8080)
+- To Create a reference test dog use `http://localhost:8080/create/`
+- To test the nosql injection go to `http://localhost:8080/auth/`
diff --git a/sample-apps/flask-mongo/app.py b/sample-apps/flask-mongo/app.py
@@ -0,0 +1,55 @@
+import aikido_firewall # Aikido package import
+aikido_firewall.protect()
+
+import json
+from flask import Flask, render_template, request
+from flask_pymongo import PyMongo
+from bson import ObjectId
+
+app = Flask(__name__)
+if __name__ == '__main__':
+    app.run(threaded=True) # Run threaded so we can test our agent's capabilities
+app.config["MONGO_URI"] = "mongodb://admin:password@db:27017/my_database?authSource=admin"
+mongo = PyMongo(app)
+
+@app.route("/")
+def homepage():
+    dogs = mongo.db.dogs.find()
+    return render_template('index.html', title='Homepage', dogs=dogs)
+
+
+@app.route('/dogpage/<dog_id>')
+def get_dogpage(dog_id):
+    dog = mongo.db.dogs.find_one({"_id": ObjectId(dog_id)})
+    return render_template('dogpage.html', title=f'Dog', dog=dog)
+
+@app.route("/create", methods=['GET'])
+def show_create_dog_form():
+    return render_template('create_dog.html')
+
+@app.route("/create", methods=['POST'])
+def create_dog():
+    new_dog = {
+        'dog_name': request.form['dog_name'],
+        'pswd': request.form['pswd']
+    }
+    res = mongo.db.dogs.insert_one(new_dog)
+    return f'Dog with id {res.inserted_id} created successfully'
+
+@app.route("/auth", methods=['GET'])
+def show_auth_form():
+    return render_template('auth.html')
+
+@app.route("/auth", methods=['POST'])
+def post_auth():
+    data = request.get_json()
+    dog_info = {
+        'dog_name': data.get('dog_name'),
+        'pswd': data.get('pswd')
+    }
+    dog = mongo.db.dogs.find_one(dog_info)
+    if dog:
+        dog_name = dog["dog_name"]
+        return f'Dog with name {dog_name} authenticated successfully'
+    else:
+        return f'Auth failed'
diff --git a/sample-apps/flask-mongo/docker-compose.yml b/sample-apps/flask-mongo/docker-compose.yml
@@ -0,0 +1,40 @@
+version: '3'
+services:
+  db:
+    image: mongo:latest
+    container_name: flask_mongo_db
+    restart: always
+    environment:
+        MONGO_INITDB_ROOT_USERNAME: admin
+        MONGO_INITDB_ROOT_PASSWORD: password
+        MONGO_INITDB_DATABASE: my_database
+    volumes:
+      - ./mongo-init.js:/docker-entrypoint-initdb.d/mongo-init.js:ro
+      - db_data:/data/db
+    networks:
+      - default_network
+
+
+
+  backend:
+    build: 
+      context: ./../../
+      dockerfile: ./sample-apps/flask-mongo/Dockerfile
+    container_name: flask_mongo_backend
+    command: sh -c "flask --app app run --debug --host=0.0.0.0"
+    restart: always
+    volumes:
+      - .:/app
+    ports:
+      - "8080:5000"
+    depends_on:
+      - db
+    networks:
+      - default_network
+
+volumes:
+  db_data:
+
+networks:
+  default_network:
+    driver: bridge
diff --git a/sample-apps/flask-mongo/mongo-init.js b/sample-apps/flask-mongo/mongo-init.js
@@ -0,0 +1,16 @@
+let error = true
+
+let res = [
+  db.dogs.drop(),
+  db.dogs.createIndex({ dog_name: 1 }, { unique: true }),
+  db.dogs.createIndex({ pswd: 1 }),
+  db.dogs.insert({ dog_name: 'Doggo 1', pswd: "xyz" }),
+  db.dogs.insert({ dog_name: 'Doggo 2 (Superdog)', pswd: "admin_pass" }),
+]
+
+printjson(res)
+
+if (error) {
+  print('Error, exiting')
+  quit(1)
+}
diff --git a/sample-apps/flask-mongo/requirements.txt b/sample-apps/flask-mongo/requirements.txt
@@ -0,0 +1,3 @@
+flask==2.3.3
+Flask-PyMongo
+cryptography
diff --git a/sample-apps/flask-mongo/templates/auth.html b/sample-apps/flask-mongo/templates/auth.html
@@ -0,0 +1,53 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Login</title>
+    <script>
+        function submitForm(inject) {
+            var dogName = document.getElementById('dog_name').value;
+            var dogPswd = document.getElementById('pswd').value;
+            var statusElement = document.getElementById('status');
+            if(inject)
+                var data = { "dog_name": dogName, "pswd": { "$ne": "" } };
+            else
+                var data = { "dog_name": dogName, "pswd": dogPswd };
+
+
+            fetch('/auth', {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json'
+                },
+                body: JSON.stringify(data)
+            })
+            .then(response => {
+                if (response.ok) {
+                    return response.text();
+                }
+                statusElement.innerText = "Network response was not ok."
+                throw new Error('Network response was not ok.');
+            })
+            .then(data => {
+                statusElement.innerText = data
+                console.log(data);
+            })
+            .catch(error => {
+                console.error('Error:', error);
+            });
+        }
+    </script>
+</head>
+<body>
+    <h1>Log In</h1>
+    <label for="dog_name">Dog Name:</label>
+    <input type="text" id="dog_name" name="dog_name" required><br/>
+    <label for="pswd">Dog Password:</label>
+    <input type="password" id="pswd" name="pswd" required><br/>
+    <button onclick="submitForm(false)">Login</button>
+    <button onclick="submitForm(true)">Login (with NoSQL injection)</button>
+    <p>Status: <span id="status"></span></p>
+</body>
+</html>
diff --git a/sample-apps/flask-mongo/templates/create_dog.html b/sample-apps/flask-mongo/templates/create_dog.html
@@ -0,0 +1,19 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Create Dog</title>
+</head>
+<body>
+    <h1>Create a Dog</h1>
+    <form action="/create" method="post">
+        <label for="dog_name">Dog Name:</label>
+        <input type="text" id="dog_name" name="dog_name" required>
+        <label for="password">Password:</label>
+        <input type="password" id="pswd" name="pswd" required>
+        <button type="submit">Create Dog</button>
+    </form>
+</body>
+</html>
diff --git a/sample-apps/flask-mongo/templates/dogpage.html b/sample-apps/flask-mongo/templates/dogpage.html
@@ -0,0 +1,25 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>{{ title }}</title>
+    <style>
+        body {
+            font-family: sans-serif;
+        }
+        h1 {
+            font-family: monospace;
+            text-align: center;
+            border: 1px solid black;
+            border-left: none;
+            border-right: none;
+            margin: 4px;
+        }
+    </style>
+</head>
+<body>
+    <h1>{{ title }}</h1>
+    <p><em>Name :</em> {{dog.dog_name }}</p>
+    <p><em>Password (You normally don't know this) : </em>{{ dog.pswd }}</p>
+    <p><em>Id :</em> {{dog._id}}</p>
+</body>
+</html>
diff --git a/sample-apps/flask-mongo/templates/index.html b/sample-apps/flask-mongo/templates/index.html
@@ -0,0 +1,48 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>{{ title }}</title>
+    <style>
+        body {
+            font-family: sans-serif;
+        }
+        /* Style for the list */
+        ul {
+            list-style-type:disc;
+        }
+
+        /* Style for list items */
+        li {
+            margin-bottom: 10px;
+        }
+
+        /* Style for links */
+        a {
+            text-decoration: none;
+            color: #48507f;
+        }
+
+        /* Hover effect for links */
+        a:hover {
+            color: #007bff;
+        }
+        h1 {
+            font-family: monospace;
+            text-align: center;
+            border: 1px solid black;
+            border-left: none;
+            border-right: none;
+            margin: 4px;
+        }
+    </style>
+</head>
+<body>
+    <h1>{{ title }}</h1>
+    <h2>List</h2>
+    <ul>
+        {% for dog in dogs %}
+            <li><a href="/dogpage/{{ dog._id }}">{{ dog.dog_name }}</a></li>
+        {% endfor %}
+    </ul>
+</body>
+</html>