diff --git a/Vagrantfile b/Vagrantfile
index ddd3bcb..a696bc6 100644
--- a/Vagrantfile
+++ b/Vagrantfile
@@ -41,8 +41,8 @@ Vagrant.configure("2") do |config| curl -fsSL https://get.docker.com -o get-docker.sh sh get-docker.sh rm get-docker.sh - usermod -aG docker vagrant fi + usermod -aG docker vagrant echo "==> Installing Bun..." # Install Bun as vagrant user
diff --git a/modules/targets/crapi/compose.yml b/modules/targets/crapi/compose.yml
new file mode 100644
index 0000000..a1b9716
--- /dev/null
+++ b/modules/targets/crapi/compose.yml
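Review bot: In the Vagrantfile hunk, the now-unconditional `usermod -aG docker vagrant` carries no comment saying why it moved out of the `if`, and membership in the docker group is root-equivalent on the guest. A one-line comment above it would record both, for example `# Always (re)add vagrant to the docker group, even when Docker was already installed; root-equivalent, lab VM only`. The enclosing `if` and the rest of the provisioning script start outside the hunk, so the install condition itself is not visible here.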
@@ -0,0 +1,299 @@
+services:
+
+ crapi-identity:
+ image: crapi/crapi-identity:${VERSION:-latest}
+ environment:
+ - LOG_LEVEL=${LOG_LEVEL:-INFO}
+ - DB_NAME=crapi
+ - DB_USER=admin
+ - DB_PASSWORD=crapisecretpassword
+ - DB_HOST=postgresdb
+ - DB_PORT=5432
+ - SERVER_PORT=${IDENTITY_SERVER_PORT:-8080}
+ - ENABLE_SHELL_INJECTION=${ENABLE_SHELL_INJECTION:-false}
+ - JWT_SECRET=crapi
+ - MAILHOG_HOST=mailhog
+ - MAILHOG_PORT=1025
+ - MAILHOG_DOMAIN=example.com
+ - SMTP_HOST=smtp.example.com
+ - SMTP_PORT=587
+ - SMTP_EMAIL=user@example.com
+ - SMTP_PASS=xxxxxxxxxxxxxx
+ - SMTP_FROM=no-reply@example.com
+ - SMTP_AUTH=true
+ - SMTP_STARTTLS=true
+ - JWT_EXPIRATION=604800000
+ - ENABLE_LOG4J=${ENABLE_LOG4J:-false}
+ - API_GATEWAY_URL=https://api.mypremiumdealership.com
+ - TLS_ENABLED=${TLS_ENABLED:-false}
+ - TLS_KEYSTORE_TYPE=PKCS12
+ - TLS_KEYSTORE=classpath:certs/server.p12
+ - TLS_KEYSTORE_PASSWORD=passw0rd
+ - TLS_KEY_PASSWORD=passw0rd
+ - TLS_KEY_ALIAS=identity
+ depends_on:
+ postgresdb:
+ condition: service_healthy
+ mongodb:
+ condition: service_healthy
+ mailhog:
+ condition: service_healthy
+ healthcheck:
+ test: /app/health.sh
+ interval: 15s
+ timeout: 15s
+ retries: 15
+ networks:
+ - katana-net
+ deploy:
+ resources:
+ limits:
+ cpus: '0.8'
+ memory: 384M
+
+ crapi-community:
+ image: crapi/crapi-community:${VERSION:-latest}
+ environment:
+ - LOG_LEVEL=${LOG_LEVEL:-INFO}
+ - IDENTITY_SERVICE=crapi-identity:${IDENTITY_SERVER_PORT:-8080}
+ - DB_NAME=crapi
+ - DB_USER=admin
+ - DB_PASSWORD=crapisecretpassword
+ - DB_HOST=postgresdb
+ - DB_PORT=5432
+ - SERVER_PORT=${COMMUNITY_SERVER_PORT:-8087}
+ - MONGO_DB_HOST=mongodb
+ - MONGO_DB_PORT=27017
+ - MONGO_DB_USER=admin
+ - MONGO_DB_PASSWORD=crapisecretpassword
+ - MONGO_DB_NAME=crapi
+ - TLS_ENABLED=${TLS_ENABLED:-false}
+ - TLS_CERTIFICATE=certs/server.crt
+ - TLS_KEY=certs/server.key
+ depends_on:
+ postgresdb:
+ condition: service_healthy
+ mongodb:
+ condition: service_healthy
+ crapi-identity:
+ condition: service_healthy
+ healthcheck:
+ test: /app/health.sh
+ interval: 15s
+ timeout: 15s
+ retries: 15
+ networks:
+ - katana-net
+ deploy:
+ resources:
+ limits:
+ cpus: '0.3'
+ memory: 192M
+
+ crapi-workshop:
+ image: crapi/crapi-workshop:${VERSION:-latest}
+ environment:
+ - LOG_LEVEL=${LOG_LEVEL:-INFO}
+ - IDENTITY_SERVICE=crapi-identity:${IDENTITY_SERVER_PORT:-8080}
+ - DB_NAME=crapi
+ - DB_USER=admin
+ - DB_PASSWORD=crapisecretpassword
+ - DB_HOST=postgresdb
+ - DB_PORT=5432
+ - SERVER_PORT=${WORKSHOP_SERVER_PORT:-8000}
+ - MONGO_DB_HOST=mongodb
+ - MONGO_DB_PORT=27017
+ - MONGO_DB_USER=admin
+ - MONGO_DB_PASSWORD=crapisecretpassword
+ - MONGO_DB_NAME=crapi
+ - SECRET_KEY=crapi
+ - API_GATEWAY_URL=https://api.mypremiumdealership.com
+ - TLS_ENABLED=${TLS_ENABLED:-false}
+ - TLS_CERTIFICATE=certs/server.crt
+ - TLS_KEY=certs/server.key
+ - FILES_LIMIT=1000
+ depends_on:
+ postgresdb:
+ condition: service_healthy
+ mongodb:
+ condition: service_healthy
+ crapi-identity:
+ condition: service_healthy
+ crapi-community:
+ condition: service_healthy
+ healthcheck:
+ test: /app/health.sh
+ interval: 15s
+ timeout: 15s
+ retries: 15
+ networks:
+ - katana-net
+ deploy:
+ resources:
+ limits:
+ cpus: '0.3'
+ memory: 128M
+
+ crapi-chatbot:
+ image: crapi/crapi-chatbot:${VERSION:-latest}
+ environment:
+ - TLS_ENABLED=${TLS_ENABLED:-false}
+ - SERVER_PORT=${CHATBOT_SERVER_PORT:-5002}
+ - WEB_SERVICE=crapi-web
+ - IDENTITY_SERVICE=crapi-identity:${IDENTITY_SERVER_PORT:-8080}
+ - DB_NAME=crapi
+ - DB_USER=admin
+ - DB_PASSWORD=crapisecretpassword
+ - DB_HOST=postgresdb
+ - DB_PORT=5432
+ - MONGO_DB_HOST=mongodb
+ - MONGO_DB_PORT=27017
+ - MONGO_DB_USER=admin
+ - MONGO_DB_PASSWORD=crapisecretpassword
+ - MONGO_DB_NAME=crapi
+ - API_USER=admin@example.com
+ - API_PASSWORD=Admin!123
+ - OPENAPI_SPEC=/app/resources/crapi-openapi-spec.json
+ - DEFAULT_MODEL=gpt-4o-mini
+ - CHROMA_HOST=chromadb
+ - CHROMA_PORT=8000
+ depends_on:
+ mongodb:
+ condition: service_healthy
+ crapi-identity:
+ condition: service_healthy
+ chromadb:
+ condition: service_healthy
+ networks:
+ - katana-net
+
+ crapi-web:
+ image: crapi/crapi-web:${VERSION:-latest}
+ environment:
+ - COMMUNITY_SERVICE=crapi-community:${COMMUNITY_SERVER_PORT:-8087}
+ - IDENTITY_SERVICE=crapi-identity:${IDENTITY_SERVER_PORT:-8080}
+ - WORKSHOP_SERVICE=crapi-workshop:${WORKSHOP_SERVER_PORT:-8000}
+ - CHATBOT_SERVICE=crapi-chatbot:${CHATBOT_SERVER_PORT:-5002}
+ - MAILHOG_WEB_SERVICE=mailhog:8025
+ - TLS_ENABLED=${TLS_ENABLED:-false}
+ depends_on:
+ crapi-community:
+ condition: service_healthy
+ crapi-identity:
+ condition: service_healthy
+ crapi-workshop:
+ condition: service_healthy
+ healthcheck:
+ test: curl 0.0.0.0:80/health
+ interval: 15s
+ timeout: 15s
+ retries: 15
+ networks:
+ - katana-net
+ deploy:
+ resources:
+ limits:
+ cpus: '0.3'
+ memory: 128M
+
+ postgresdb:
+ image: 'postgres:14'
+ command: ["postgres", "-c", "max_connections=500"]
+ environment:
+ POSTGRES_USER: admin
+ POSTGRES_PASSWORD: crapisecretpassword
+ POSTGRES_DB: crapi
+ healthcheck:
+ test: [ "CMD-SHELL", "pg_isready" ]
+ interval: 15s
+ timeout: 15s
+ retries: 15
+ volumes:
+ - postgresql-data:/var/lib/postgresql/data/
+ networks:
+ - katana-net
+ deploy:
+ resources:
+ limits:
+ cpus: '0.5'
+ memory: 256M
+
+ mongodb:
+ image: 'mongo:4.4'
+ environment:
+ MONGO_INITDB_ROOT_USERNAME: admin
+ MONGO_INITDB_ROOT_PASSWORD: crapisecretpassword
+ healthcheck:
+ test: echo 'db.runCommand("ping").ok' | mongo mongodb:27017/test --quiet
+ interval: 15s
+ timeout: 15s
+ retries: 15
+ start_period: 20s
+ volumes:
+ - mongodb-data:/data/db
+ networks:
+ - katana-net
+ deploy:
+ resources:
+ limits:
+ cpus: '0.3'
+ memory: 128M
+
+ chromadb:
+ image: 'chromadb/chroma:latest'
+ environment:
+ IS_PERSISTENT: 'TRUE'
+ healthcheck:
+ test: [ "CMD", "/bin/bash", "-c", "cat < /dev/null > /dev/tcp/localhost/8000" ]
+ interval: 15s
+ timeout: 15s
+ retries: 15
+ start_period: 20s
+ volumes:
+ - chromadb-data:/data
+ networks:
+ - katana-net
+
+ mailhog:
+ user: root
+ image: crapi/mailhog:${VERSION:-latest}
+ environment:
+ MH_MONGO_URI: admin:crapisecretpassword@mongodb:27017
+ MH_STORAGE: mongodb
+ healthcheck:
+ test: [ "CMD", "nc", "-z", "localhost", "8025" ]
+ interval: 15s
+ timeout: 15s
+ retries: 15
+ networks:
+ - katana-net
+ deploy:
+ resources:
+ limits:
+ cpus: '0.3'
+ memory: 128M
+
+ api.mypremiumdealership.com:
+ image: crapi/gateway-service:${VERSION:-latest}
+ healthcheck:
+ test: bash -c 'echo -n "GET / HTTP/1.1\n\n" > /dev/tcp/127.0.0.1/443'
+ interval: 15s
+ timeout: 15s
+ retries: 15
+ start_period: 15s
+ networks:
+ - katana-net
+ deploy:
+ resources:
+ limits:
+ cpus: '0.1'
+ memory: 50M
+
+volumes:
+ mongodb-data:
+ postgresql-data:
+ chromadb-data:
+
+networks:
+ katana-net:
+ external: true
diff --git a/modules/targets/crapi/module.yml b/modules/targets/crapi/module.yml
new file mode 100644
index 0000000..8bdfff2
--- /dev/null
+++ b/modules/targets/crapi/module.yml
@@ -0,0 +1,13 @@
+name: crapi
+category: targets
+description: OWASP crAPI - Completely Ridiculous API (vulnerable API security training target)
+
+compose: ./compose.yml
+
+proxy:
+ - hostname: crapi
+ service: crapi-web
+ port: 80
+ - hostname: crapi-mail
+ service: mailhog
+ port: 8025
diff --git a/tsconfig.json b/tsconfig.json
index ed53018..3c2522b 100644
--- a/tsconfig.json
+++ b/tsconfig.json
@@ -20,9 +20,8 @@ "noUncheckedIndexedAccess": true, "noImplicitOverride": true, - "baseUrl": ".", "paths": { - "@/*": ["src/*"] + "@/*": ["./src/*"] } }, "include": ["src/**/*"],
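Review bot: In modules/targets/crapi/compose.yml every service, including `postgresdb`, `mongodb` and `chromadb`, joins the shared external `katana-net`, so the datastores with their fixed lab credentials (`crapisecretpassword`) are reachable from whatever else is attached to that network, and generic service names such as `postgresdb` or `mailhog` may collide with other modules there. module.yml proxies only `crapi-web:80` and `mailhog:8025`, so presumably only those two need `katana-net`; the remaining services can sit on a module-private network, as sketched below. Separately, `${VERSION:-latest}` and `chromadb/chroma:latest` leave the images unpinned, which makes the training target non-reproducible; a fixed tag or digest as the default would address that. A short header comment stating that the hard-coded secrets are intentional defaults of a deliberately vulnerable target would also help later readers.

```yaml
  crapi-web:
    # … unchanged: image, environment, depends_on, healthcheck, deploy …
    networks:
      - crapi-internal
      - katana-net

  mailhog:
    # … unchanged: user, image, environment, healthcheck, deploy …
    networks:
      - crapi-internal
      - katana-net

  # … every other service: networks lists crapi-internal only …

networks:
  crapi-internal: {}
  katana-net:
    external: true
```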