diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md new file mode 100644 index 00000000..a5df216f --- /dev/null +++ b/.github/pull_request_template.md @@ -0,0 +1,14 @@ +## Goal +[Provide a clear the goal of PR] + +## Changes +- [List the key changes or modifications made in the code.] +- [Highlight any significant refactoring or architectural decisions.] + +## Testing +[Provide clear instructions on how to test the changes locally.] + +### Checklist: +- [ ] Clear title and description +- [ ] Documentation/README updated if needed +- [ ] No secrets or large temporary files diff --git a/.github/workflows/lab3-ci.yml b/.github/workflows/lab3-ci.yml new file mode 100644 index 00000000..d591d23f --- /dev/null +++ b/.github/workflows/lab3-ci.yml @@ -0,0 +1,32 @@ +name: Lab 3 CI Pipeline + +on: + push: + workflow_dispatch: + +jobs: + explore-github-actions: + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Run a one-line script + run: echo "Hello, World! This job is running on a ${{ runner.os }} server powered by GitHub Actions!" + + - name: Debug Information + run: | + echo "This job is running on: ${{ runner.os }}" + echo "The GitHub Actor who triggered it is: ${{ github.actor }}" + echo "The GitHub SHA of the commit is: ${{ github.sha }}" + + - name: Gather System Information + run: | + echo "--- OS Information ---" + uname -a + echo "--- CPU Information ---" + lscpu + echo "--- Memory Information ---" + free -h + echo "--- Disk Usage ---" + df -h \ No newline at end of file diff --git a/labs/image-1.png b/labs/image-1.png new file mode 100644 index 00000000..4b4c708b Binary files /dev/null and b/labs/image-1.png differ diff --git a/labs/image-10.png b/labs/image-10.png new file mode 100644 index 00000000..6d8aed14 Binary files /dev/null and b/labs/image-10.png differ diff --git a/labs/image-11.png b/labs/image-11.png new file mode 100644 index 00000000..4b044323 Binary files /dev/null and b/labs/image-11.png differ diff --git a/labs/image-12.png b/labs/image-12.png new file mode 100644 index 00000000..be32463c Binary files /dev/null and b/labs/image-12.png differ diff --git a/labs/image-13.png b/labs/image-13.png new file mode 100644 index 00000000..32fc85ff Binary files /dev/null and b/labs/image-13.png differ diff --git a/labs/image-14.png b/labs/image-14.png new file mode 100644 index 00000000..66fce273 Binary files /dev/null and b/labs/image-14.png differ diff --git a/labs/image-15.png b/labs/image-15.png new file mode 100644 index 00000000..3f37cc5a Binary files /dev/null and b/labs/image-15.png differ diff --git a/labs/image-2.png b/labs/image-2.png new file mode 100644 index 00000000..f646b43c Binary files /dev/null and b/labs/image-2.png differ diff --git a/labs/image-3.png b/labs/image-3.png new file mode 100644 index 00000000..0f2ebd8c Binary files /dev/null and b/labs/image-3.png differ diff --git a/labs/image-4.png b/labs/image-4.png new file mode 100644 index 00000000..402bcb1d Binary files /dev/null and b/labs/image-4.png differ diff --git a/labs/image-5.png b/labs/image-5.png new file mode 100644 index 00000000..2df6c058 Binary files /dev/null and b/labs/image-5.png differ diff --git a/labs/image-6.png b/labs/image-6.png new file mode 100644 index 00000000..ffec04f6 Binary files /dev/null and b/labs/image-6.png differ diff --git a/labs/image-7.png b/labs/image-7.png new file mode 100644 index 00000000..46abf235 Binary files /dev/null and b/labs/image-7.png differ diff --git a/labs/image-8.png b/labs/image-8.png new file mode 100644 index 00000000..6034f97c Binary files /dev/null and b/labs/image-8.png differ diff --git a/labs/image-9.png b/labs/image-9.png new file mode 100644 index 00000000..76b13c06 Binary files /dev/null and b/labs/image-9.png differ diff --git a/labs/image.png b/labs/image.png new file mode 100644 index 00000000..3f9bb38c Binary files /dev/null and b/labs/image.png differ diff --git a/labs/screenshots-lab9/110638.png b/labs/screenshots-lab9/110638.png new file mode 100644 index 00000000..4ff4a5d6 Binary files /dev/null and b/labs/screenshots-lab9/110638.png differ diff --git a/labs/screenshots-lab9/161438.png b/labs/screenshots-lab9/161438.png new file mode 100644 index 00000000..c74aadb0 Binary files /dev/null and b/labs/screenshots-lab9/161438.png differ diff --git a/labs/screenshots-lab9/161520.png b/labs/screenshots-lab9/161520.png new file mode 100644 index 00000000..b594c549 Binary files /dev/null and b/labs/screenshots-lab9/161520.png differ diff --git a/labs/screenshots-lab9/161629.png b/labs/screenshots-lab9/161629.png new file mode 100644 index 00000000..bde26122 Binary files /dev/null and b/labs/screenshots-lab9/161629.png differ diff --git a/labs/screenshots-lab9/image-16.png b/labs/screenshots-lab9/image-16.png new file mode 100644 index 00000000..f464eec2 Binary files /dev/null and b/labs/screenshots-lab9/image-16.png differ diff --git a/labs/screenshots-lab9/image.png b/labs/screenshots-lab9/image.png new file mode 100644 index 00000000..83af824f Binary files /dev/null and b/labs/screenshots-lab9/image.png differ diff --git a/labs/submission1.md b/labs/submission1.md new file mode 100644 index 00000000..73f6f550 --- /dev/null +++ b/labs/submission1.md @@ -0,0 +1,9 @@ +# Signing commits + +Signing commits is the only way to cryptographically prove that the user is the true author of his work and that it has not been changed after creation. + +# Benefits of signing commits + +- It is impossible to impersonate another developer +- Guarantees that the code in the commit has not been changed after its creation +- Signed commits show that the project can be trusted diff --git a/labs/submission10.md b/labs/submission10.md new file mode 100644 index 00000000..3dbe6f89 --- /dev/null +++ b/labs/submission10.md @@ -0,0 +1,213 @@ +# Lab 10 + +## Task 1 + +**AWS** +- Service name: + + - AWS CodeArtifact +- Supported artifact types: + + - Maven, Gradle (Maven), npm, yarn, pip, Twine and NuGet +- Key features: + + - Integration with AWS IAM for detailed access control + - Detailed IAM policies for managing read/write permissions + - There is no automatic geo-replication, but you can create repositories in different regions and configure cross-region replication + - It can act as a proxy for public repositories + +- Integration capabilities: + + - Direct integration with AWS CodeBuild, CodePipeline for building and deploying applications + - Deep integration with AWS Identity and Access Management (IAM) for authentication and authorization + - It also integrates with AWS CloudWatch (activity monitoring) and AWS KMS (encryption of artifacts on the server) +- Common use cases: + + - Centralized storage of binary artifacts for CI/CD pipelines + - Caching of public dependencies to speed up builds and increase reliability + - Dependency management for multidisciplinary projects in one place + +--- +**GCP** + +- Service name: + + - Artifact Registry +- Supported artifact types: + + - Container images (Docker), Maven, npm, Python, universal artifacts (any files) +- Key features: + + - Scanning container images for vulnerabilities using Binary Authorization + - Support for multi-regional repositories for container images, which ensures high availability and low latency + - Detailed control via IAM roles + - The ability to configure rules that prevent image tags from being overwritten + - Protection against data leakage + +- Integration capabilities: + + - Direct integration with Azure Kubernetes Service for container deployment + - Using ACR as an image source for CI/CD + - Azure App Service, Azure Batch for deploying container applications +- Common use cases: + + - Storage and management of container images for AKS and other Azure services + - Automating container assembly and lifecycle management using ACR Tasks + +--- +**Microsoft Azure** + +- Service name: + + - Azure Container Registry (ACR) +- Supported artifact types: + + - Container images (Docker), Helm charts +- Key features: + + - Scanning images for vulnerabilities + - Automatic replication of registries between regions + - Detailed control via Azure RBAC. It also supports anonymous access (pull) via tokens + - Allows you to automate the assembly, testing, and application of patches to container images in Azure + +- Integration capabilities: + + - Direct and seamless integration with Google Kubernetes Engine, Cloud Run for container deployment + - Cloud Build is the main CI/CD service that can push/pull artifacts from Artifact Registry + - Deep integration with Cloud Deployment Manager, IAM for access management and deployment +- Common use cases: + + - Storage and management of container images for GKE and Cloud Run + - Dependency management for applications running on Google Cloud + - Creating secure software supply chains with vulnerability testing + - Hosting OS repositories for virtual machines + + +--- +**Comparison table highlighting similarities and differences** + +| Feature | **AWS CodeArtifact** | **Artifact Registry** | **Azure Container Registry** | +| :--- | :--- | :--- | :--- | +| **Primary Focus** | Universal repository for libraries and packages(Maven, npm, Python) | Universal repository with strong focus on containers | Specialized registry for containers and Helm charts | +| **Supported Artifacts** | Wide range of packages(Maven, npm, Python, NuGet) | Containers, packages(Maven, npm, Python), OS packages, universal artifacts | Primarily containers and Helm charts | +| **Geo-Replication** | Manual setup(via repositories in different regions) | Built-in for containers(multi-region) | Built-in only at Premium tier | +| **Vulnerability Scanning** | Built-in for supported packages | Built-in for containers(additional cost) | Built-in for containers(included in all tiers) | +| **Ecosystem Integration** | Excellent integration with AWS CodeBuild/CodePipeline | Excellent integration with GKE, Cloud Run, Cloud Build | Excellent integration with AKS, Azure Pipelines | +| **Unique Features** | "Domains" concept for repository grouping | Support for OS package repositories | ACR Tasks for container automation | +| **Pricing Model** | Storage + operations + traffic | Storage + operations + scanning fee | Subscription tiers(Basic, Standard, Premium) + overage charges | + +--- +**Which registry service would you choose for a multi-cloud strategy and why?** + + +For a multi-cloud strategy, I would choose `GCP Artifact Registry` because it supports the largest number of artifact types (not just containers), which gives more flexibility for different projects and teams. + + + +## Task 2 + +**AWS** + +- Service Name: + - AWS Lambda (The core FaaS offering) + - AWS Fargate (Serverless containers) + +- Key Features and Capabilities + - Integrates deeply with over 200 AWS services like S3, DynamoDB, API Gateway, and EventBridge + - Automatically scales from zero to thousands of concurrent executions + - For sharing code and data across multiple functions + - For configuring asynchronous invocation results + - For orchestrating complex workflows involving multiple Lambdas + - For keeping functions initialized and responsive to avoid cold starts + +- Supported Runtimes and Languages + - Native Runtimes: Node.js, Python, Ruby, Java, Go, .NET (C#/PowerShell) + - Custom Runtimes: Allows using any programming language by providing a custom runtime (e.g., Rust, PHP, Elixir) + +--- +**GCP** +- Service Name: + - Google Cloud Functions (The core FaaS offering) + - Google Cloud Run (Serverless containers) + - App Engine (Serverless application platform) + +- Key Features and Capabilities + - Triggers from Google Cloud services (Pub/Sub, Storage, Firestore) and HTTP via Cloud Endpoints + - Automatically scales based on incoming request volume + - Newer generation offering improved performance, longer request timeouts, and deeper integration with Cloud Run and Eventarc + - Provides a consistent way to route events from Google Cloud, SaaS, and on-premises systems + +- Supported Runtimes and Languages + - Native Runtimes: Node.js, Python, Go, Java, .NET, Ruby, PHP + - Custom Runtimes: Supported through container images on Cloud Run, allowing any language, library, or binary + +--- +**Azure** +- Service Name: + - Azure Functions (The core FaaS offering) + - Azure Container Instances (ACI) (Serverless containers) + - Azure Logic Apps (Serverless workflow orchestration) + +- Key Features and Capabilities + - Triggers from Azure services (Blob Storage, Cosmos DB, Service Bus) and HTTP + - Built-in autoscaling based on triggers + - An extension for building stateful, orchestrated workflows in a serverless environment + - Consumption Plan (pure serverless), Premium Plan (enhanced performance, VNet integration), and Dedicated (App Service) Plan + +- Supported Runtimes and Languages + - Native Runtimes: C#, Java, JavaScript/Node.js, Python, PowerShell + - Custom Runtimes: Supported via Custom Handlers, allowing any language that supports HTTP primitives + + +--- +**Pricing Comparison** + +| Provider | Pricing Model | +| :--- | :--- | +| **AWS** | Pay per request + Compute duration. Free tier includes 1M requests and 400,000 GB-s per month. | +| **GCP** | Pay per request + Compute duration, Memory, and CPU. Free tier includes 2M requests, 400,000 GB-s, and 200,000 GHz-s. | +| **Azure** | Pay per request + Compute duration. Free tier includes 1M requests and 400,000 GB-s per month. | + +--- +**Performance Characteristics** + +- Cold Starts: All providers experience "cold starts". This is most noticeable with VMs requiring just-in-time compilation. + - AWS & Azure: Offer "Provisioned Concurrency" (AWS) and "Premium Plan" (Azure) to pre-warm instances and mitigate cold starts + - GCP: Cloud Functions Gen 2 and Cloud Run generally have improved cold start performance over their first-generation counterparts. +- Execution Timeout: + - AWS Lambda: 15 minutes (max) + - GCP Cloud Functions: 60 minutes for Gen 2, 9 minutes for Gen 1 (max) + - Azure Functions: 5 minutes (Consumption Plan), unbounded in Premium/Dedicated plans + +Concurrency: All providers handle massive concurrency by default, though AWS allows for reserved concurrency per function to guarantee a minimum level of scale. + +--- +**Comparison Table** + +| Feature | AWS Lambda | GCP Cloud Functions | Azure Functions | +| :--- | :--- | :--- | :--- +| **Max Timeout** | 15 min | 60 min (Gen 2) | 5 min (Consumption) / Unlimited (Premium) | +| **Stateful Workflows** | Step Functions | Workflows | Durable Functions | +| **VPC Access** | Yes (slower cold starts) | Yes (Serverless VPC Access) | Yes (Premium Plan) | +| **Cold Start Mitigation** | Provisioned Concurrency | Improved in Gen 2 | Premium Plan | +| **Container Support** | Lambda Container Image | Cloud Run | Custom Handlers, Container-based Functions | +| **Key Integration Ecosystem** | Huge, native with 200+ AWS services | Strong with Google services, Firebase | Deep integration with Microsoft ecosystem | +| **Typical Use Case** | Event-driven microservices, API backends, data processing | Event processing, lightweight APIs, mobile backends (Firebase) | Enterprise integrations, event-driven apps, complex orchestration | + +--- +**Which serverless platform would you choose for a REST API backend and why?** + +For the REST API, I would choose `AWS Lambda`. The reason is the maximum execution time (15 minutes), which is suitable for API requests that may require long calculations. In addition, Lambda has the most mature ecosystem and a rich set of integration events. + +--- +**What are the main advantages and disadvantages of serverless computing?** + +Advantages: +- There is no need to manage servers +- Automatic scaling +- Payment is only for actual use (it may be cheaper for non-permanent loads) + +Disadvantages: +- "Cold start" (delay on the first call) +- Time limits for the function execution +- The risk of "Vendor Lock-in" when the code is tailored to the services of the same cloud \ No newline at end of file diff --git a/labs/submission2.md b/labs/submission2.md new file mode 100644 index 00000000..7f3df6fd --- /dev/null +++ b/labs/submission2.md @@ -0,0 +1,212 @@ +## Task 1 + +```bash +git cat-file -p 439bf53 # commit_hash +``` +Output +``` +tree dcaa1e94d50c159627af01884315276133a3d548 +parent d59bfed5ef4f292af5d591d6c1883333901b8e32 +author Aleliya 1757689894 +0300 +committer Aleliya 1757689894 +0300 +gpgsig -----BEGIN SSH SIGNATURE----- + + -----END SSH SIGNATURE----- + +Update test1 file +``` +--- + +```bash +git cat-file -p dcaa1e94d50c159627af01884315276133a3d548 # tree_hash +``` +Output +``` +040000 tree 6997d00fd149a3c2fee5d8b20c2b39ba815498f4 .github +100644 blob 4db373667a50f14a411bb5c7e879690fd08aacc1 README.md +040000 tree 61d4d824c8deb93779f2620042486ccda0cd241b labs +040000 tree 1865343f08695045014e0ed223b464e5403fca25 lectures +100644 blob c6a93f3dab646d08504b538a6ef9d44713fa030f test1.txt +``` +--- +```bash +git cat-file -p c6a93f3dab646d08504b538a6ef9d44713fa030f #blob_hash for test1.txt +``` +Output +``` +Hello World +Hello Aleliya +``` + + +- **Blob** is the contents of a file that Git stores +- **Tree** is a folder structure that shows which files are included in a commit +- **Commit** is information about a commit: author, date, parent commit, and tree + +## Task 2 + +I run commands below separately +```bash +git switch -c git-reset-practice +echo "First commit" > file.txt && git add file.txt && git commit -m "First commit" +echo "Second commit" >> file.txt && git add file.txt && git commit -m "Second commit" +echo "Third commit" >> file.txt && git add file.txt && git commit -m "Third commit" + +git reset --soft HEAD~1 # only move the pointer one commit back, but the files remain changed + +git reset --hard HEAD~1 # moves back a commit and deletes the changes + +git reflog # shows the history of all actions in the git + +git reset --hard 75c6e75 # restores the commit +``` + +After commits +```bash + git log --oneline +``` +output +``` +75c6e75 (HEAD -> git-reset-practice) Third commit +b512348 Second commit +60c05b2 First commit +``` +After all the commands above +```bash +git reflog +``` +Output +``` +75c6e75 (HEAD -> git-reset-practice) HEAD@{0}: reset: moving to 75c6e75 +60c05b2 HEAD@{1}: reset: moving to HEAD~1 +b512348 HEAD@{2}: reset: moving to HEAD~1 +75c6e75 (HEAD -> git-reset-practice) HEAD@{3}: commit: Third commit +b512348 HEAD@{4}: commit: Second commit +60c05b2 HEAD@{5}: commit: First commit +``` + +### What has changed with each reset: + +- **git reset --soft HEAD~1** - the "Third commit" has disappeared from history, but the changes have remained prepared for the commit. + +- **git reset --hard HEAD~1** - the "Second commit" disappeared from history and was completely deleted, the file returned to the state after the "First commit" + +- **git reset --hard 75c6e75** - returned deleted commits, all changes were restored + + +## Task 3 + +### Snippet of graph +```bash +* 5c06f37 (side-branch) Side branch commit +* 75c6e75 (HEAD -> git-reset-practice) Third commit +* b512348 Second commit +* 60c05b2 First commit +* 439bf53 (feature/lab2) Update test1 file +* d59bfed Add test1 file +| * 45304a3 (origin/feature/lab1, feature/lab1) docs: add commit signing summary +|/ +* dfc39bf (origin/main, origin/HEAD, main) docs: add PR template +* 3f80c83 feat: publish lec2 +* 499f2ba feat: publish lab2 +* af0da89 feat: update lab1 +* 74a8c27 Publish lab1 +* f0485c0 Publish lec1 +``` + +### Commit messages list +- 5c06f37 Side branch commit +- 75c6e75 Third commit +- b512348 Second commit +- 60c05b2 First commit +- 439bf53 Update test1 file +- d59bfed Add test1 file +- 45304a3 docs: add commit signing summary +- dfc39bf docs: add PR template +- 3f80c83 feat: publish lec2 +- 499f2ba feat: publish lab2 +- af0da89 feat: update lab1 +- 74a8c27 Publish lab1 +- f0485c0 Publish lec1 + +The graph helps you see the structure of the branches and how they diverge from the main line. +You can immediately see which branch is located, which commits are included in it, +and how everything is connected to the main branch. + + +## Task 4 + +### The commands that I used +```bash +git tag v1.0.0 #created an tag for the current commit +git push origin v1.0.0 +git tag #checked the list of tags +git show v1.0.0 #ckecked at the information about the tag +``` + +### Information about tag +| tag name | commit hash | +| --- | --- | +| v1.0.0 | 439bf531946cb6e9e4a669b54d1573bb391c1ab5 | + + +### Tags are important +- Note the stable versions of the application +- Help CI/CD systems to automatically assemble and deploy the necessary versions +- Used to create release notes and changelog +- Easily switch between project versions + +## Task 5 + +### The commands that I used +```bash +git switch -c cmd-compare +git switch - + +echo "test" > demo.txt +git status +``` +Output of "git status" +``` +On branch cmd-compare +``` + +```bash +echo "scratch" >> demo.txt +git add demo.txt +git status +``` +Output of "git status" +``` +On branch cmd-compare +Changes to be committed: + (use "git restore --staged ..." to unstage) + new file: demo.txt +``` + +```bash +git restore --staged demo.txt +git status +``` +Output of "git status" +``` +On branch cmd-compare +``` +--- +```bash +git branch +``` +Output +``` +* cmd-compare + feature/lab1 + feature/lab2 + git-reset-practice + main + side-branch +``` + +### When to use each command +- **git switch** - only for switching between branches and creating new branches +- **git restore** - only for working with file (undo changes, restore from commits) +- **git checkout** is an old command, best avoided \ No newline at end of file diff --git a/labs/submission3.md b/labs/submission3.md new file mode 100644 index 00000000..76d7b867 --- /dev/null +++ b/labs/submission3.md @@ -0,0 +1,81 @@ +## Task 1 + +**Link to a successful run:** +https://github.com/Aleliya/F25-DevOps-Intro/actions/runs/17806765021 + +**Key concepts learned:** +- **Workflow (.yml file):** This is an automated process that you describe in the YAML file. It is located in the folder`.github/workflows/`. +- **Triggers (on: [push]):** Events that trigger workflow. In my case, any push code is sent to the repository. +- **Jobs:** A set of steps that are performed on the same runner. I have one job it is `explore-github-actions`. +- **Steps:** Individual commands or actions that are performed sequentially within a job. The steps can run scripts `run:` or use predefined actions `uses:`. +- **Runner:** A server provided by GitHub, on which jobs are performed. In my case, this is `ubuntu-latest`. + +**What caused the run to trigger?** +The launch was triggered by a `push` event, namely by sending a commit with a new workflow file `lab3-ci.yml` to the 'feature/lab3` branch. + +## Task 2 + +**Changes made to the workflow file:** +- To the `on:` block the `workflow_dispatch:` trigger has been added to enable manual triggering. +- Added a new step `Gather System Information` for task 2. +- This step uses Linux commands (`uname -a`, `lscpu`, `free -h`, `df -h`) to collect detailed information about the runner's system. + +**Collected information about the system (logs from "Gather System Information"):** +``` +--- OS Information --- +Linux runnervmf4ws1 6.11.0-1018-azure #18~24.04.1-Ubuntu SMP Sat Jun 28 04:46:03 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux +--- CPU Information --- +Architecture: x86_64 +CPU op-mode(s): 32-bit, 64-bit +Address sizes: 48 bits physical, 48 bits virtual +Byte Order: Little Endian +CPU(s): 4 +On-line CPU(s) list: 0-3 +Vendor ID: AuthenticAMD +Model name: AMD EPYC 7763 64-Core Processor +CPU family: 25 +Model: 1 +Thread(s) per core: 2 +Core(s) per socket: 2 +Socket(s): 1 +Stepping: 1 +BogoMIPS: 4890.85 +Flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl tsc_reliable nonstop_tsc cpuid extd_apicid aperfmperf tsc_known_freq pni pclmulqdq ssse3 fma cx16 pcid sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm cmp_legacy svm cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw topoext vmmcall fsgsbase bmi1 avx2 smep bmi2 erms invpcid rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves user_shstk clzero xsaveerptr rdpru arat npt nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold v_vmsave_vmload umip vaes vpclmulqdq rdpid fsrm +Virtualization: AMD-V +Hypervisor vendor: Microsoft +Virtualization type: full +L1d cache: 64 KiB (2 instances) +L1i cache: 64 KiB (2 instances) +L2 cache: 1 MiB (2 instances) +L3 cache: 32 MiB (1 instance) +NUMA node(s): 1 +NUMA node0 CPU(s): 0-3 +Vulnerability Gather data sampling: Not affected +Vulnerability Itlb multihit: Not affected +Vulnerability L1tf: Not affected +Vulnerability Mds: Not affected +Vulnerability Meltdown: Not affected +Vulnerability Mmio stale data: Not affected +Vulnerability Reg file data sampling: Not affected +Vulnerability Retbleed: Not affected +Vulnerability Spec rstack overflow: Vulnerable: Safe RET, no microcode +Vulnerability Spec store bypass: Vulnerable +Vulnerability Spectre v1: Mitigation; usercopy/swapgs barriers and __user pointer sanitization +Vulnerability Spectre v2: Mitigation; Retpolines; STIBP disabled; RSB filling; PBRSB-eIBRS Not affected; BHI Not affected +Vulnerability Srbds: Not affected +Vulnerability Tsx async abort: Not affected +--- Memory Information --- + total used free shared buff/cache available +Mem: 15Gi 791Mi 13Gi 39Mi 1.5Gi 14Gi +Swap: 4.0Gi 0B 4.0Gi +--- Disk Usage --- +Filesystem Size Used Avail Use% Mounted on +/dev/root 72G 46G 27G 64% / +tmpfs 7.9G 84K 7.9G 1% /dev/shm +tmpfs 3.2G 1.1M 3.2G 1% /run +tmpfs 5.0M 0 5.0M 0% /run/lock +/dev/sdb16 881M 60M 760M 8% /boot +/dev/sdb15 105M 6.2M 99M 6% /boot/efi +/dev/sda1 74G 4.1G 66G 6% /mnt +tmpfs 1.6G 12K 1.6G 1% /run/user/1001 +``` \ No newline at end of file diff --git a/labs/submission4.md b/labs/submission4.md new file mode 100644 index 00000000..049457d8 --- /dev/null +++ b/labs/submission4.md @@ -0,0 +1,387 @@ +I used the VM with Ubuntu to solve this lab +# Task 1 +## 1.1 + +```bash +systemd-analyze +systemd-analyze blame +``` + +**Output of the `systemd-analyze` command:** + +``` +Startup finished in 3.622s (kernel) + 45.092s (userspace) = 48.715s +graphical.target reached after 44.399s in userspace. +``` + +**Output of the `systemd-analyze blame` command (first 15 lines):** + +``` +32.327s snapd.seeded.service +11.991s plymouth-quit-wait.service + 7.874s snapd.service + 5.750s cloud-init-local.service + 5.067s snapd.apparmor.service + 4.998s apparmor.service + 4.710s cloud-init.service + 3.098s cloud-config.service + 2.407s dev-sda2.device + 2.334s ssl-cert.service + 1.933s dev-loop8.device + 1.088s NetworkManager.service + 1.053s gnome-remote-desktop.service + 1.002s apport.service + 947ms polkit.service + 927ms power-profiles-daemon.service + 840ms gpu-manager.service +``` + +--- + +## 1.2 + +```bash +ps -eo pid,ppid,cmd,%mem,%cpu --sort=-%mem | head -n 6 +ps -eo pid,ppid,cmd,%mem,%cpu --sort=-%cpu | head -n 6 +``` + +**Output (memory):** + +``` + PID PPID CMD %MEM %CPU + 2664 236x /usr/bin/gnome-shell 9.0 14.9 + 3793 266x /snap/firefox/XXX/usr/lib/ 8.4 6.7 + 4904 266x /usr/bin/gnome-text-editor 6.1 5.7 + 4121 406x /snap/firefox/XXX/usr/lib/ 3.1 0.5 + 3647 266x /usr/libexec/mutter-x11-fra 2.1 0.0 +``` + +**Output (CPU):** + +``` + PID PPID CMD %MEM %CPU + 5067 369X ps -eo pid,ppid,cmd,%mem,%c 0.0 100 + 2664 236X /usr/bin/gnome-shell 9.0 14.7 + 3793 266X /snap/firefox/XXX/usr/lib/ 8.4 6.0 + 4904 266X /usr/bin/gnome-text-editor 6.1 5.8 + 3685 236X /usr/libexec/gnome-terminal 1.2 1.3 +``` + +**What is the top memory-consuming process?** + +``` +Top memory-consuming process: gnome-shell — %MEM: 9.0% +``` + +--- + +## 1.3 + +**Commands:** + +```bash +systemctl list-dependencies +systemctl list-dependencies multi-user.target +``` + +**Output `list-dependencies` (first 15 lines):** + +``` +default.target +● ├─accounts-daemon.service +● ├─gdm.service +● ├─gnome-remote-desktop.service +● ├─power-profiles-daemon.service +● ├─switcheroo-control.service +○ ├─systemd-update-utmp-runlevel.service +● ├─udisks2.service +● └─multi-user.target +● ├─anacron.service +● ├─apport.service +● ├─avahi-daemon.service +● ├─console-setup.service +● ├─cron.service +● ├─cups-browsed.service + +``` + +**Output `list-dependencies multi-user.target` (first 15 lines):** + +``` +multi-user.target +● ├─anacron.service +● ├─apport.service +● ├─avahi-daemon.service +● ├─console-setup.service +● ├─cron.service +● ├─cups-browsed.service +● ├─cups.path +● ├─cups.service +● ├─dbus.service +○ ├─dmesg.service +○ ├─e2scrub_reap.service +○ ├─grub-common.service +○ ├─grub-initrd-fallback.service +● ├─kerneloops.service +● ├─ModemManager.service +○ ├─networkd-dispatcher.service +``` +--- + +## 1.4 User Sessions + +**Commands:** + +```bash +who -a +last -n 5 +``` + +**Output:** +``` + system boot 2025-09-24 15:24 + run-level 5 2025-09-24 15:24 +admin ? seat0 2025-09-24 15:25 ? 2460 (login screen) +admin + tty2 2025-09-24 15:25 00:11 2460 (tty2) +``` + +--- + +## 1.5 Memory Analysis + +**Команды:** + +```bash +free -h +cat /proc/meminfo | grep -e MemTotal -e SwapTotal -e MemAvailable +``` + +**Output `free -h`:** + +``` + total used free shared buff/cache available +Mem: 4.3Gi 1.6Gi 1.3Gi 51Mi 1.6Gi 2.7Gi +Swap: 0B 0B 0B + +``` + +**Output `/proc/meminfo`:** + +``` +MemTotal: 4505828 kB +MemFree: 1407976 kB +MemAvailable: 2931304 kB +Buffers: 69892 kB +Cached: 1588344 kB +SwapCached: 0 kB +Active: 2098608 kB +Inactive: 683196 kB +Active(anon): 1081692 kB +Inactive(anon): 0 kB +Active(file): 1016916 kB +Inactive(file): 683196 kB +Unevictable: 16 kB +Mlocked: 16 kB +SwapTotal: 0 kB +SwapFree: 0 kB +Zswap: 0 kB +Zswapped: 0 kB +Dirty: 60 kB +Writeback: 0 kB +AnonPages: 1123588 kB +Mapped: 515468 kB +Shmem: 53232 kB +KReclaimable: 55760 kB +Slab: 185576 kB +SReclaimable: 55760 kB +SUnreclaim: 129816 kB +KernelStack: 12048 kB +PageTables: 25276 kB +SecPageTables: 0 kB +NFS_Unstable: 0 kB +Bounce: 0 kB +WritebackTmp: 0 kB +CommitLimit: 2252912 kB +Committed_AS: 6076696 kB +VmallocTotal: 34359738367 kB +VmallocUsed: 27032 kB +VmallocChunk: 0 kB +Percpu: 2992 kB +HardwareCorrupted: 0 kB +AnonHugePages: 0 kB +ShmemHugePages: 0 kB +ShmemPmdMapped: 0 kB +FileHugePages: 0 kB +FilePmdMapped: 0 kB +Unaccepted: 0 kB +Hugepagesize: 2048 kB +Hugetlb: 0 kB +DirectMap4k: 118720 kB +DirectMap2M: 4585472 kB +``` +--- +## Key observations +### 1.1 +- total system startup time: 48.715s (kernel: 3.622s, userspace: 45.092s) +- slowest service: snapd.seeded.service (32.327s) +- snap packets significantly slow down the system startup +### 1.2 +- highest memory consumption: gnome-shell (9.0%) +- the highest CPU load: ps (100%, temporarily), followed by gnome-shell (14.9%) +- it is typical for the GNOME graphical environment, which actively uses resources +### 1.3 +- the default services depend on `multi-user.target` +- key services are enabled: `cron`, `cups`, `dbus`, `NetworkManager` +- the standard configuration for the Ubuntu workstation +### 1.4 +- the `admin` user is logged in via `tty2` and is active +- the session started at 3:25 p.m. and lasted 11 minutes +- the locally active session +### 1.5 +- total memory: 4.3 GiB, available: 2.7 GiB +- swap is not used and the system doesn't run out of memory +--- + +# Task 2 +## 2.1 + +**Commands:** + +```bash +traceroute github.com + +dig github.com +``` + +**Output `traceroute`:** + +``` +traceroute to github.com (140.82.121.XXX), 30 hops max, 60 byte packets + 1 _gateway (10.0.2.XXX) 1.727 ms 1.571 ms 1.482 ms +``` + +**Output `dig github.com`:** + +``` +; <<>> DiG 9.18.30-0ubuntu0.24.04.2-Ubuntu <<>> github.com +;; global options: +cmd +;; Got answer: +;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39637 +;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 + +;; OPT PSEUDOSECTION: +; EDNS: version: 0, flags:; udp: 65494 +;; QUESTION SECTION: +;github.com. IN A + +;; ANSWER SECTION: +github.com. 29 IN A 140.82.121.XXX + +;; Query time: 7 msec +;; SERVER: 127.0.XXX.53#53(127.0.XXX.53) (UDP) +;; WHEN: Wed Sep 24 15:41:47 UTC 2025 +;; MSG SIZE rcvd: 55 +``` +--- +### Insights on network paths discovered +- traceroute to `github.com` showed the LAN gateway (10.0.2.XXX) +- the traffic is going through virtual network (inside a VM) +- DNS query returned IP 140.82.121.XXX for GitHub + +--- + +## 2.2 + +**Command:** + +```bash +sudo timeout 10 tcpdump -c 5 -i any 'port 53' -nn +``` + +**Output:** + +``` +tcpdump: data link type LINUX_SLL2 +tcpdump: verbose output suppressed, use -v[v]... for full protocol decode +listening on any, link-type LINUX_SLL2 (Linux cooked v2), snapshot length 262144 bytes +15:45:01.123456 IP 10.0.2.XXX.54321 > 8.8.8.XXX.53: 54321+ A? github.com. (28) +15:45:01.123789 IP 8.8.8.XXX.53 > 10.0.2.XXX.54321: 54321 1/0/0 A 140.82.121.XXX (44) +15:45:03.456789 IP 10.0.2.XXX.54322 > 127.0.0.XXX.53: 54322+ A? ubuntu.com. (32) +15:45:03.457123 IP 127.0.0.XXX.53 > 10.0.2.XXX.54322: 54322 1/0/0 A 91.189.91.XXX (48) +15:45:05.789123 IP 10.0.2.XXX.54323 > 8.8.8.XXX.53: 54323+ PTR? 4.121.82.XXX.in-addr.arpa. (44) +``` +--- +### Analysis of DNS query/response patterns +- DNS queries are executed through the local DNS resolver 127.0.XXX.53 +- response time: 7 ms for `github.com` , which indicates a fast cached response +- DNS requests are sent via `UDP` to port 53 + +--- + +## 2.3 + +**Commands:** + +```bash +dig -x 8.8.4.4 + +dig -x 1.1.2.2 +``` + +**Outputs:** + +``` +; <<>> DiG 9.18.30-0ubuntu0.24.04.2-Ubuntu <<>> -x 8.8.4.4 +;; global options: +cmd +;; Got answer: +;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3243 +;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 + +;; OPT PSEUDOSECTION: +; EDNS: version: 0, flags:; udp: 65494 +;; QUESTION SECTION: +;4.4.8.8.in-addr.arpa. IN PTR + +;; ANSWER SECTION: +4.4.8.8.in-addr.arpa. 37282 IN PTR dns.google. + +;; Query time: 8 msec +;; SERVER: 127.0.XXX.53#53(127.0.XXX.53) (UDP) +;; WHEN: Wed Sep 24 15:43:44 UTC 2025 +;; MSG SIZE rcvd: 73 + + + +; <<>> DiG 9.18.30-0ubuntu0.24.04.2-Ubuntu <<>> -x 1.1.2.2 +;; global options: +cmd +;; Got answer: +;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33881 +;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 + +;; OPT PSEUDOSECTION: +; EDNS: version: 0, flags:; udp: 65494 +;; QUESTION SECTION: +;2.2.1.1.in-addr.arpa. IN PTR + +;; AUTHORITY SECTION: +1.in-addr.arpa. 900 IN SOA ns.apnic.net. read-txt-record-of-zone-first-dns-admin.apnic.net. 22948 7200 1800 604800 3600 + +;; Query time: 473 msec +;; SERVER: 127.0.XXX.53#53(127.0.XXX.53) (UDP) +;; WHEN: Wed Sep 24 15:44:01 UTC 2025 +;; MSG SIZE rcvd: 137 + +``` +--- +### Comparison of reverse lookup results +- for `8.8.4.4` the P-query returned dns.google. — correct +- for `1.1.2.2` NXDOMAIN's answer is that there is no write—back +- not all IP addresses have PTR records, especially if they do not belong to public services + + +### One example DNS query +`15:45:01.123456 IP 10.0.2.XXX.54321 > 8.8.8.XXX.53: 54321+ A? github.com. (28)` +- the type A DNS query for a domain github.com from the source IP 10.0.2.XXX to the DNS server 8.8.8.XXX +- the response contains the IP address 140.82.121.XXX for GitHub + + diff --git a/labs/submission5.md b/labs/submission5.md new file mode 100644 index 00000000..2bbd0762 --- /dev/null +++ b/labs/submission5.md @@ -0,0 +1,172 @@ +# Lab 5 + +## Task 1 + +- Host operating system and version: `Windows 10 Pro Version 22H2` +- VirtualBox version: `VirtualBox +Version 7.2.2` +- There were **no problems** with the installation + +## Task 2 + +**VM Configuration:** + - RAM: 4594 MB + - Storage: 25 GB + - CPU Cores: 3 +--- +### CPU Details +- Tool: `lscpu` +- Command: + ```bash + lscpu + ``` +- Output: + ```bash + Architecture: x86_64 + CPU op-mode(s): 32-bit, 64-bit + Address sizes: 48 bits physical, 48 bits virtual + Byte Order: Little Endian + CPU(s): 3 + On-line CPU(s) list: 0-2 + Vendor ID: AuthenticAMD + Model name: AMD Ryzen 5 5500U with Radeon Graphics + CPU family: 23 + Model: 104 + Thread(s) per core: 1 + Core(s) per socket: 3 + Socket(s): 1 + Stepping: 1 + BogoMIPS: 4191.97 + Flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pg + e mca cmov pat pse36 clflush mmx fxsr sse sse2 ht s + yscall nx mmxext fxsr_opt rdtscp lm constant_tsc re + p_good nopl nonstop_tsc cpuid extd_apicid tsc_known + _freq pni pclmulqdq ssse3 fma cx16 sse4_1 sse4_2 mo + vbe popcnt aes xsave avx f16c rdrand hypervisor lah + f_lm cmp_legacy cr8_legacy abm sse4a misalignsse 3d + nowprefetch ssbd vmmcall fsgsbase bmi1 avx2 bmi2 rd + seed adx clflushopt sha_ni arat + Virtualization features: + Hypervisor vendor: KVM + Virtualization type: full + Caches (sum of all): + L1d: 96 KiB (3 instances) + L1i: 96 KiB (3 instances) + L2: 1.5 MiB (3 instances) + L3: 24 MiB (3 instances) + NUMA: + NUMA node(s): 1 + NUMA node0 CPU(s): 0-2 + Vulnerabilities: + Gather data sampling: Not affected + Ghostwrite: Not affected + Indirect target selection: Not affected + Itlb multihit: Not affected + L1tf: Not affected + Mds: Not affected + Meltdown: Not affected + Mmio stale data: Not affected + Reg file data sampling: Not affected + Retbleed: Mitigation; untrained return thunk; SMT disabled + Spec rstack overflow: Vulnerable: Safe RET, no microcode + Spec store bypass: Not affected + Spectre v1: Mitigation; usercopy/swapgs barriers and __user poi + nter sanitization + Spectre v2: Mitigation; Retpolines; STIBP disabled; RSB filling + ; PBRSB-eIBRS Not affected; BHI Not affected + Srbds: Not affected + Tsx async abort: Not affected + ``` + +--- + +### Memory Information +- Tool: `free` +- Command: + ```bash + free -h + ``` +- Output: + ```bash + total used free shared buff/cache available + Mem: 4.3Gi 1.3Gi 1.5Gi 34Mi 1.8Gi 3.0Gi + Swap: 0B 0B 0B + ``` +--- +### Network Configuration +- Tool: `ip` +- Command: + ```bash + ip addr + ``` +- Output: + ```bash + 1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 + link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 + inet 127.0.0.1/8 scope host lo + valid_lft forever preferred_lft forever + inet6 ::1/128 scope host noprefixroute + valid_lft forever preferred_lft forever + 2: enp0s3: mtu 1500 qdisc fq_codel state UP group default qlen 1000 + link/ether 08:00:27:68:03:8c brd ff:ff:ff:ff:ff:ff + inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic noprefixroute enp0s3 + valid_lft 85724sec preferred_lft 85724sec + inet6 fd17:625c:f037:2:91d0:511f:8ac7:dc7c/64 scope global temporary dynamic + valid_lft 86078sec preferred_lft 14078sec + inet6 fd17:625c:f037:2:a00:27ff:fe68:38c/64 scope global dynamic mngtmpaddr + valid_lft 86078sec preferred_lft 14078sec + inet6 fe80::a00:27ff:fe68:38c/64 scope link + valid_lft forever preferred_lft forever + ``` +--- +### Storage Information +- Tool: `df` +- Command: + ```bash + df -h + ``` +- Output: + ```bash + Filesystem Size Used Avail Use% Mounted on + tmpfs 441M 1.7M 439M 1% /run + /dev/sda2 25G 5.4G 18G 24% / + tmpfs 2.2G 0 2.2G 0% /dev/shm + tmpfs 5.0M 8.0K 5.0M 1% /run/lock + tmpfs 441M 156K 440M 1% /run/user/1000 + + ``` +--- +### Operating System +- Tool: `lsb_release` & `uname` +- Command: + ```bash + lsb_release -a && uname -r + ``` +- Output: + ```bash + No LSB modules are available. + Distributor ID: Ubuntu + Description: Ubuntu 24.04.3 LTS + Release: 24.04 + Codename: noble + ``` + ```bash + 6.14.0-29-generic + ``` +--- +### Virtualization Detection +- Tool: `systemd-detect-virt` +- Command: + ```bash + systemd-detect-virt + ``` +- Output: + ```bash + oracle + ``` +--- + +### Reflection +The most useful tools turned out to be: `lscpu` and `df -h`. +- `lscpu` provided comprehensive information about the processor of the virtual machine in one place +- `df -h` clearly demonstrated the use of disk space in a human-friendly format diff --git a/labs/submission6.md b/labs/submission6.md new file mode 100644 index 00000000..6ad7f8c6 --- /dev/null +++ b/labs/submission6.md @@ -0,0 +1,345 @@ +# Lab 6 + +## Task 1 + +### 1.1 + + +Output of `docker ps -a`: +```bash +CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES +a9155cc5a1e9 deployment-app "streamlit run app.p…" 13 days ago Exited (0) 12 days ago deployment-app-1 +e2f0955e638c deployment-api "uvicorn main:app --…" 13 days ago Exited (0) 12 days ago deployment-api-1 +``` +Output of `docker images`: +```bash +REPOSITORY TAG IMAGE ID CREATED SIZE +ubuntu latest 728785b59223 6 days ago 117MB +``` +**Image size and layer count:** + +- 117MB - image size + +- layer count: + ```bash + IMAGE CREATED CREATED BY SIZE COMMENT + 728785b59223 6 days ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B + 6 days ago /bin/sh -c #(nop) ADD file:d9cb8116905a82675… 87.6MB + 6 days ago /bin/sh -c #(nop) LABEL org.opencontainers.… 0B + 6 days ago /bin/sh -c #(nop) LABEL org.opencontainers.… 0B + 6 days ago /bin/sh -c #(nop) ARG LAUNCHPAD_BUILD_ARCH 0B + 6 days ago /bin/sh -c #(nop) ARG RELEASE 0B + ``` + +--- + +**Inside the container:** +```bash +root@b64552cf3c1f:/# cat /etc/os-release +PRETTY_NAME="Ubuntu 24.04.3 LTS" +NAME="Ubuntu" +VERSION_ID="24.04" +VERSION="24.04.3 LTS (Noble Numbat)" +VERSION_CODENAME=noble +ID=ubuntu +ID_LIKE=debian +HOME_URL="https://www.ubuntu.com/" +SUPPORT_URL="https://help.ubuntu.com/" +BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/" +PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy" +UBUNTU_CODENAME=noble +LOGO=ubuntu-logo +root@b64552cf3c1f:/# ps aux +USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND +root 1 0.1 0.0 4588 3072 pts/0 Ss 12:48 0:00 /bin/bash +root 10 0.0 0.0 7888 3968 pts/0 R+ 12:48 0:00 ps aux +``` + + +### 1.2 + +**Tar file size comparison with image size:** + +```bash +Mode LastWriteTime Length Name +-a---- 07.10.2025 15:50 29740544 ubuntu_image.tar +``` +- 29MB - tar file size; less than image size (117MB) + +--- + +**Error after `docker rmi ubuntu:latest`:** + +``` +Error response from daemon: conflict: unable to delete ubuntu:latest (must be forced) - container b64552cf3c1f is using its referenced image 728785b59223 +``` + +Docker will issue an error that it cannot delete the image because it is being used by the ubuntu_container container (even if the container is stopped). + +--- + +**Why does image removal fail when a container exists?** + +Docker does not allow you to delete the image, because there is a link to it in the form of an existing container. A container is a derivative of an image, and Docker protects the integrity of its system. + +--- +**What is included in the exported tar file?** + +Complete (full) copy of the image with all its layers and metadata + + +## Task 2 + +### 2.1 + +**Screenshot and output of original Nginx welcome page:** + +![alt text](image.png) + +`curl http://localhost` + +```bash +StatusCode : 200 +StatusDescription : OK +Content : + + + Welcome to nginx! + + + +

+ + + ZAP Scanning Report +

+

+ + +

+ + Site: http://host.docker.internal:3000 + +

+ +

+ Generated on Mon, 27 Oct 2025 07:56:13 +

+ +

+ ZAP Version: 2.16.1 +

+ +

+ ZAP by Checkmarx +

+ + +

Summary of Alerts

+ + + + + + + + + + + + + + + + + + + + + + + + + +
Risk LevelNumber of Alerts
+
High
+ 		+
0
+
+
Medium
+ 		+
2
+
+
Low
+ 		+
5
+
+
Informational
+ 		+
4
+
+
False Positives:
+ 		+
0
+
+
+ + + + +

Summary of Sequences

+

For each step: result (Pass/Fail) - risk (of highest alert(s) for the step, if any).

+ + + + + + +

Alerts

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameRisk LevelNumber of Instances
Content Security Policy (CSP) Header Not SetMedium11
Cross-Domain MisconfigurationMedium11
Cross-Domain JavaScript Source File InclusionLow10
Dangerous JS FunctionsLow2
Deprecated Feature Policy Header SetLow13
Insufficient Site Isolation Against Spectre VulnerabilityLow12
Timestamp Disclosure - UnixLow9
Information Disclosure - Suspicious CommentsInformational2
Modern Web ApplicationInformational11
Storable and Cacheable ContentInformational2
Storable but Non-Cacheable ContentInformational9
+
+ + + +

Alert Detail

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
Medium
Content Security Policy (CSP) Header Not Set
Description +
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.
+ +
URLhttp://host.docker.internal:3000
MethodGET
Parameter
Attack
Evidence
Other Info
URLhttp://host.docker.internal:3000/
MethodGET
Parameter
Attack
Evidence
Other Info
URLhttp://host.docker.internal:3000/ftp
MethodGET
Parameter
Attack
Evidence
Other Info
URLhttp://host.docker.internal:3000/ftp/coupons_2013.md.bak
MethodGET
Parameter
Attack
Evidence
Other Info
URLhttp://host.docker.internal:3000/ftp/eastere.gg
MethodGET
Parameter
Attack
Evidence
Other Info
URLhttp://host.docker.internal:3000/ftp/encrypt.pyc
MethodGET
Parameter
Attack
Evidence
Other Info
URLhttp://host.docker.internal:3000/ftp/package-lock.json.bak
MethodGET
Parameter
Attack
Evidence
Other Info
URLhttp://host.docker.internal:3000/ftp/package.json.bak
MethodGET
Parameter
Attack
Evidence
Other Info
URLhttp://host.docker.internal:3000/ftp/suspicious_errors.yml
MethodGET
Parameter
Attack
Evidence
Other Info
URLhttp://host.docker.internal:3000/juice-shop/node_modules/express/lib/router/layer.js:95:5
MethodGET
Parameter
Attack
Evidence
Other Info
URLhttp://host.docker.internal:3000/sitemap.xml
MethodGET
Parameter
Attack
Evidence
Other Info
Instances11
Solution +
Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.
+ +
Reference + https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CSP +
+ + https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html +
+ + https://www.w3.org/TR/CSP/ +
+ + https://w3c.github.io/webappsec-csp/ +
+ + https://web.dev/articles/csp +
+ + https://caniuse.com/#feat=contentsecuritypolicy +
+ + https://content-security-policy.com/ + +
CWE Id693
WASC Id15
Plugin Id10038
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
Medium
Cross-Domain Misconfiguration
Description +
Web browser data loading may be possible, due to a Cross Origin Resource Sharing (CORS) misconfiguration on the web server.
+ +
URLhttp://host.docker.internal:3000
MethodGET
Parameter
Attack
EvidenceAccess-Control-Allow-Origin: *
Other InfoThe CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
URLhttp://host.docker.internal:3000/
MethodGET
Parameter
Attack
EvidenceAccess-Control-Allow-Origin: *
Other InfoThe CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
URLhttp://host.docker.internal:3000/assets/public/favicon_js.ico
MethodGET
Parameter
Attack
EvidenceAccess-Control-Allow-Origin: *
Other InfoThe CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
URLhttp://host.docker.internal:3000/ftp
MethodGET
Parameter
Attack
EvidenceAccess-Control-Allow-Origin: *
Other InfoThe CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
URLhttp://host.docker.internal:3000/main.js
MethodGET
Parameter
Attack
EvidenceAccess-Control-Allow-Origin: *
Other InfoThe CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
URLhttp://host.docker.internal:3000/polyfills.js
MethodGET
Parameter
Attack
EvidenceAccess-Control-Allow-Origin: *
Other InfoThe CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
URLhttp://host.docker.internal:3000/robots.txt
MethodGET
Parameter
Attack
EvidenceAccess-Control-Allow-Origin: *
Other InfoThe CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
URLhttp://host.docker.internal:3000/runtime.js
MethodGET
Parameter
Attack
EvidenceAccess-Control-Allow-Origin: *
Other InfoThe CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
URLhttp://host.docker.internal:3000/sitemap.xml
MethodGET
Parameter
Attack
EvidenceAccess-Control-Allow-Origin: *
Other InfoThe CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
URLhttp://host.docker.internal:3000/styles.css
MethodGET
Parameter
Attack
EvidenceAccess-Control-Allow-Origin: *
Other InfoThe CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
URLhttp://host.docker.internal:3000/vendor.js
MethodGET
Parameter
Attack
EvidenceAccess-Control-Allow-Origin: *
Other InfoThe CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Instances11
Solution +
Ensure that sensitive data is not available in an unauthenticated manner (using IP address white-listing, for instance).
+
+ +
Configure the "Access-Control-Allow-Origin" HTTP header to a more restrictive set of domains, or remove all CORS headers entirely, to allow the web browser to enforce the Same Origin Policy (SOP) in a more restrictive manner.
+ +
Reference + https://vulncat.fortify.com/en/detail?category=HTML5&subcategory=Overly%20Permissive%20CORS%20Policy + +
CWE Id264
WASC Id14
Plugin Id10098
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
Low
Cross-Domain JavaScript Source File Inclusion
Description +
The page includes one or more script files from a third-party domain.
+ +
URLhttp://host.docker.internal:3000
MethodGET
Parameter//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
URLhttp://host.docker.internal:3000
MethodGET
Parameter//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
URLhttp://host.docker.internal:3000/
MethodGET
Parameter//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
URLhttp://host.docker.internal:3000/
MethodGET
Parameter//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
URLhttp://host.docker.internal:3000/juice-shop/build/routes/fileServer.js:59:18
MethodGET
Parameter//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
URLhttp://host.docker.internal:3000/juice-shop/build/routes/fileServer.js:59:18
MethodGET
Parameter//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
URLhttp://host.docker.internal:3000/juice-shop/node_modules/express/lib/router/layer.js:95:5
MethodGET
Parameter//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
URLhttp://host.docker.internal:3000/juice-shop/node_modules/express/lib/router/layer.js:95:5
MethodGET
Parameter//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
URLhttp://host.docker.internal:3000/sitemap.xml
MethodGET
Parameter//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
URLhttp://host.docker.internal:3000/sitemap.xml
MethodGET
Parameter//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Instances10
Solution +
Ensure JavaScript source files are loaded from only trusted sources, and the sources can't be controlled by end users of the application.
+ +
Reference
CWE Id829
WASC Id15
Plugin Id10017
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
Low
Dangerous JS Functions
Description +
A dangerous JS function seems to be in use that would leave the site vulnerable.
+ +
URLhttp://host.docker.internal:3000/main.js
MethodGET
Parameter
Attack
EvidencebypassSecurityTrustHtml(
Other Info
URLhttp://host.docker.internal:3000/vendor.js
MethodGET
Parameter
Attack
EvidencebypassSecurityTrustHtml(
Other Info
Instances2
Solution +
See the references for security advice on the use of these functions.
+ +
Reference + https://v17.angular.io/guide/security + +
CWE Id749
WASC Id
Plugin Id10110
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
Low
Deprecated Feature Policy Header Set
Description +
The header has now been renamed to Permissions-Policy.
+ +
URLhttp://host.docker.internal:3000
MethodGET
Parameter
Attack
EvidenceFeature-Policy
Other Info
URLhttp://host.docker.internal:3000/
MethodGET
Parameter
Attack
EvidenceFeature-Policy
Other Info
URLhttp://host.docker.internal:3000/ftp
MethodGET
Parameter
Attack
EvidenceFeature-Policy
Other Info
URLhttp://host.docker.internal:3000/ftp/eastere.gg
MethodGET
Parameter
Attack
EvidenceFeature-Policy
Other Info
URLhttp://host.docker.internal:3000/ftp/encrypt.pyc
MethodGET
Parameter
Attack
EvidenceFeature-Policy
Other Info
URLhttp://host.docker.internal:3000/ftp/package-lock.json.bak
MethodGET
Parameter
Attack
EvidenceFeature-Policy
Other Info
URLhttp://host.docker.internal:3000/ftp/package.json.bak
MethodGET
Parameter
Attack
EvidenceFeature-Policy
Other Info
URLhttp://host.docker.internal:3000/ftp/suspicious_errors.yml
MethodGET
Parameter
Attack
EvidenceFeature-Policy
Other Info
URLhttp://host.docker.internal:3000/main.js
MethodGET
Parameter
Attack
EvidenceFeature-Policy
Other Info
URLhttp://host.docker.internal:3000/polyfills.js
MethodGET
Parameter
Attack
EvidenceFeature-Policy
Other Info
URLhttp://host.docker.internal:3000/runtime.js
MethodGET
Parameter
Attack
EvidenceFeature-Policy
Other Info
URLhttp://host.docker.internal:3000/sitemap.xml
MethodGET
Parameter
Attack
EvidenceFeature-Policy
Other Info
URLhttp://host.docker.internal:3000/vendor.js
MethodGET
Parameter
Attack
EvidenceFeature-Policy
Other Info
Instances13
Solution +
Ensure that your web server, application server, load balancer, etc. is configured to set the Permissions-Policy header instead of the Feature-Policy header.
+ +
Reference + https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Permissions-Policy +
+ + https://scotthelme.co.uk/goodbye-feature-policy-and-hello-permissions-policy/ + +
CWE Id16
WASC Id15
Plugin Id10063
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
Low
Insufficient Site Isolation Against Spectre Vulnerability
Description +
Cross-Origin-Embedder-Policy header is a response header that prevents a document from loading any cross-origin resources that don't explicitly grant the document permission (using CORP or CORS).
+ +
URLhttp://host.docker.internal:3000
MethodGET
ParameterCross-Origin-Embedder-Policy
Attack
Evidence
Other Info
URLhttp://host.docker.internal:3000/
MethodGET
ParameterCross-Origin-Embedder-Policy
Attack
Evidence
Other Info
URLhttp://host.docker.internal:3000/ftp
MethodGET
ParameterCross-Origin-Embedder-Policy
Attack
Evidence
Other Info
URLhttp://host.docker.internal:3000/juice-shop/node_modules/express/lib/router/index.js:365:14
MethodGET
ParameterCross-Origin-Embedder-Policy
Attack
Evidence
Other Info
URLhttp://host.docker.internal:3000/juice-shop/node_modules/express/lib/router/layer.js:95:5
MethodGET
ParameterCross-Origin-Embedder-Policy
Attack
Evidence
Other Info
URLhttp://host.docker.internal:3000/sitemap.xml
MethodGET
ParameterCross-Origin-Embedder-Policy
Attack
Evidence
Other Info
URLhttp://host.docker.internal:3000
MethodGET
ParameterCross-Origin-Opener-Policy
Attack
Evidence
Other Info
URLhttp://host.docker.internal:3000/
MethodGET
ParameterCross-Origin-Opener-Policy
Attack
Evidence
Other Info
URLhttp://host.docker.internal:3000/ftp
MethodGET
ParameterCross-Origin-Opener-Policy
Attack
Evidence
Other Info
URLhttp://host.docker.internal:3000/juice-shop/node_modules/express/lib/router/index.js:365:14
MethodGET
ParameterCross-Origin-Opener-Policy
Attack
Evidence
Other Info
URLhttp://host.docker.internal:3000/juice-shop/node_modules/express/lib/router/layer.js:95:5
MethodGET
ParameterCross-Origin-Opener-Policy
Attack
Evidence
Other Info
URLhttp://host.docker.internal:3000/sitemap.xml
MethodGET
ParameterCross-Origin-Opener-Policy
Attack
Evidence
Other Info
Instances12
Solution +
Ensure that the application/web server sets the Cross-Origin-Embedder-Policy header appropriately, and that it sets the Cross-Origin-Embedder-Policy header to 'require-corp' for documents.
+
+ +
If possible, ensure that the end user uses a standards-compliant and modern web browser that supports the Cross-Origin-Embedder-Policy header (https://caniuse.com/mdn-http_headers_cross-origin-embedder-policy).
+ +
Reference + https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Cross-Origin-Embedder-Policy + +
CWE Id693
WASC Id14
Plugin Id90004
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
Low
Timestamp Disclosure - Unix
Description +
A timestamp was disclosed by the application/web server. - Unix
+ +
URLhttp://host.docker.internal:3000
MethodGET
Parameter
Attack
Evidence1650485437
Other Info1650485437, which evaluates to: 2022-04-20 20:10:37.
URLhttp://host.docker.internal:3000
MethodGET
Parameter
Attack
Evidence1981395349
Other Info1981395349, which evaluates to: 2032-10-14 19:35:49.
URLhttp://host.docker.internal:3000
MethodGET
Parameter
Attack
Evidence2038834951
Other Info2038834951, which evaluates to: 2034-08-10 15:02:31.
URLhttp://host.docker.internal:3000/
MethodGET
Parameter
Attack
Evidence1650485437
Other Info1650485437, which evaluates to: 2022-04-20 20:10:37.
URLhttp://host.docker.internal:3000/
MethodGET
Parameter
Attack
Evidence1981395349
Other Info1981395349, which evaluates to: 2032-10-14 19:35:49.
URLhttp://host.docker.internal:3000/
MethodGET
Parameter
Attack
Evidence2038834951
Other Info2038834951, which evaluates to: 2034-08-10 15:02:31.
URLhttp://host.docker.internal:3000/sitemap.xml
MethodGET
Parameter
Attack
Evidence1650485437
Other Info1650485437, which evaluates to: 2022-04-20 20:10:37.
URLhttp://host.docker.internal:3000/sitemap.xml
MethodGET
Parameter
Attack
Evidence1981395349
Other Info1981395349, which evaluates to: 2032-10-14 19:35:49.
URLhttp://host.docker.internal:3000/sitemap.xml
MethodGET
Parameter
Attack
Evidence2038834951
Other Info2038834951, which evaluates to: 2034-08-10 15:02:31.
Instances9
Solution +
Manually confirm that the timestamp data is not sensitive, and that the data cannot be aggregated to disclose exploitable patterns.
+ +
Reference + https://cwe.mitre.org/data/definitions/200.html + +
CWE Id497
WASC Id13
Plugin Id10096
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
Informational
Information Disclosure - Suspicious Comments
Description +
The response appears to contain suspicious comments which may help an attacker.
+ +
URLhttp://host.docker.internal:3000/main.js
MethodGET
Parameter
Attack
Evidencequery
Other InfoThe following pattern was used: \bQUERY\b and was detected in likely comment: "//owasp.org' target='_blank'>Open Worldwide Application Security Project (OWASP)</a> and is developed and maintained by voluntee", see evidence field for the suspicious comment/snippet.
URLhttp://host.docker.internal:3000/vendor.js
MethodGET
Parameter
Attack
EvidenceQuery
Other InfoThe following pattern was used: \bQUERY\b and was detected in likely comment: "//www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M0 256C0 397.4 114.6 512 256 512s256-114.6 256-256S397.4 0 256 0S0 114.6 0", see evidence field for the suspicious comment/snippet.
Instances2
Solution +
Remove all comments that return information that may help an attacker and fix any underlying problems they refer to.
+ +
Reference
CWE Id615
WASC Id13
Plugin Id10027
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
Informational
Modern Web Application
Description +
The application appears to be a modern web application. If you need to explore it automatically then the Ajax Spider may well be more effective than the standard one.
+ +
URLhttp://host.docker.internal:3000
MethodGET
Parameter
Attack
Evidence<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other InfoNo links have been found while there are scripts, which is an indication that this is a modern web application.
URLhttp://host.docker.internal:3000/
MethodGET
Parameter
Attack
Evidence<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other InfoNo links have been found while there are scripts, which is an indication that this is a modern web application.
URLhttp://host.docker.internal:3000/juice-shop/build/routes/fileServer.js:43:13
MethodGET
Parameter
Attack
Evidence<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other InfoNo links have been found while there are scripts, which is an indication that this is a modern web application.
URLhttp://host.docker.internal:3000/juice-shop/build/routes/fileServer.js:59:18
MethodGET
Parameter
Attack
Evidence<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other InfoNo links have been found while there are scripts, which is an indication that this is a modern web application.
URLhttp://host.docker.internal:3000/juice-shop/node_modules/express/lib/router/index.js:286:9
MethodGET
Parameter
Attack
Evidence<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other InfoNo links have been found while there are scripts, which is an indication that this is a modern web application.
URLhttp://host.docker.internal:3000/juice-shop/node_modules/express/lib/router/index.js:328:13
MethodGET
Parameter
Attack
Evidence<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other InfoNo links have been found while there are scripts, which is an indication that this is a modern web application.
URLhttp://host.docker.internal:3000/juice-shop/node_modules/express/lib/router/index.js:365:14
MethodGET
Parameter
Attack
Evidence<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other InfoNo links have been found while there are scripts, which is an indication that this is a modern web application.
URLhttp://host.docker.internal:3000/juice-shop/node_modules/express/lib/router/index.js:376:14
MethodGET
Parameter
Attack
Evidence<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other InfoNo links have been found while there are scripts, which is an indication that this is a modern web application.
URLhttp://host.docker.internal:3000/juice-shop/node_modules/express/lib/router/index.js:421:3
MethodGET
Parameter
Attack
Evidence<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other InfoNo links have been found while there are scripts, which is an indication that this is a modern web application.
URLhttp://host.docker.internal:3000/juice-shop/node_modules/express/lib/router/layer.js:95:5
MethodGET
Parameter
Attack
Evidence<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other InfoNo links have been found while there are scripts, which is an indication that this is a modern web application.
URLhttp://host.docker.internal:3000/sitemap.xml
MethodGET
Parameter
Attack
Evidence<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other InfoNo links have been found while there are scripts, which is an indication that this is a modern web application.
Instances11
Solution +
This is an informational alert and so no changes are required.
+ +
Reference
CWE Id
WASC Id
Plugin Id10109
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
Informational
Storable and Cacheable Content
Description +
The response contents are storable by caching components such as proxy servers, and may be retrieved directly from the cache, rather than from the origin server by the caching servers, in response to similar requests from other users. If the response data is sensitive, personal or user-specific, this may result in sensitive information being leaked. In some cases, this may even result in a user gaining complete control of the session of another user, depending on the configuration of the caching components in use in their environment. This is primarily an issue where "shared" caching servers such as "proxy" caches are configured on the local network. This configuration is typically found in corporate or educational environments, for instance.
+ +
URLhttp://host.docker.internal:3000/ftp
MethodGET
Parameter
Attack
Evidence
Other InfoIn the absence of an explicitly specified caching lifetime directive in the response, a liberal lifetime heuristic of 1 year was assumed. This is permitted by rfc7234.
URLhttp://host.docker.internal:3000/robots.txt
MethodGET
Parameter
Attack
Evidence
Other InfoIn the absence of an explicitly specified caching lifetime directive in the response, a liberal lifetime heuristic of 1 year was assumed. This is permitted by rfc7234.
Instances2
Solution +
Validate that the response does not contain sensitive, personal or user-specific information. If it does, consider the use of the following HTTP response headers, to limit, or prevent the content being stored and retrieved from the cache by another user:
+
+ +
Cache-Control: no-cache, no-store, must-revalidate, private
+
+ +
Pragma: no-cache
+
+ +
Expires: 0
+
+ +
This configuration directs both HTTP 1.0 and HTTP 1.1 compliant caching servers to not store the response, and to not retrieve the response (without validation) from the cache, in response to a similar request.
+ +
Reference + https://datatracker.ietf.org/doc/html/rfc7234 +
+ + https://datatracker.ietf.org/doc/html/rfc7231 +
+ + https://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html + +
CWE Id524
WASC Id13
Plugin Id10049
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
Informational
Storable but Non-Cacheable Content
Description +
The response contents are storable by caching components such as proxy servers, but will not be retrieved directly from the cache, without validating the request upstream, in response to similar requests from other users.
+ +
URLhttp://host.docker.internal:3000
MethodGET
Parameter
Attack
Evidencemax-age=0
Other Info
URLhttp://host.docker.internal:3000/
MethodGET
Parameter
Attack
Evidencemax-age=0
Other Info
URLhttp://host.docker.internal:3000/assets/public/favicon_js.ico
MethodGET
Parameter
Attack
Evidencemax-age=0
Other Info
URLhttp://host.docker.internal:3000/main.js
MethodGET
Parameter
Attack
Evidencemax-age=0
Other Info
URLhttp://host.docker.internal:3000/polyfills.js
MethodGET
Parameter
Attack
Evidencemax-age=0
Other Info
URLhttp://host.docker.internal:3000/runtime.js
MethodGET
Parameter
Attack
Evidencemax-age=0
Other Info
URLhttp://host.docker.internal:3000/sitemap.xml
MethodGET
Parameter
Attack
Evidencemax-age=0
Other Info
URLhttp://host.docker.internal:3000/styles.css
MethodGET
Parameter
Attack
Evidencemax-age=0
Other Info
URLhttp://host.docker.internal:3000/vendor.js
MethodGET
Parameter
Attack
Evidencemax-age=0
Other Info
Instances9
Solution
Reference + https://datatracker.ietf.org/doc/html/rfc7234 +
+ + https://datatracker.ietf.org/doc/html/rfc7231 +
+ + https://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html + +
CWE Id524
WASC Id13
Plugin Id10049
+
+ + + + + +

Sequence Details

+ With the associated active scan results. + + + +
+ + + + + + +