Protect Node.js Application

Instructions for protecting a Node.js application with the K2 Platform.

Overview

In this section, we outline the steps for protecting your first Node.js application with the K2 Platform.

Prerequisites

Please check the Node.js support matrix below before you start.

Language: Node.js 8 to 12 (LTS versions)

Frameworks: Express 4.x; Koa 2.x; Hapi 17.x, 18.x, 19.x

DBs: MySQL, PostgreSQL, Oracle, MongoDB

Third Party Module support: BlueBird 3.x, Sequelize, Mongoose, MongoDb-core, Generic-pool, Multer

Attack Coverage: SQLI, NOSQLI, RCE, PATH TRAVERSAL, FILE INTEGRITY, SSRF, FILE UPLOAD, STORED XSS, REFLECTED XSS, LDAP, XPATH, UNTRUSTED DESERIALISATION, RCI

Deployments: Host Mode, Container Mode, EKS, ECS

  1. K2 doesn't guarantee support for old or deprecated versions of third-party modules.

  2. If you run the agent on frameworks that aren't supported, K2 Node Agent may produce less-specific findings than it would for supported frameworks.

Steps

Step 1 : K2 Portal

Make sure you have access to the K2 Platform, either in the SaaS model or as an On-Premises installation.

The K2 Portal can be used as a SaaS service, or you can deploy the entire portal On-Premises.

Step 2 : K2 Agents

The K2 agents must be installed for this demonstration.

Choose your environment below and follow its instructions.

Node/VM/EC2: see the K2 Agents Installation Page for Node/VM/EC2.

Step 3 : Protect Node.js Web Application

In this step you install K2's Node.js Language Agent.

Choose your environment below and follow its instructions.

Node/VM/EC2: see the Node.js Language Agent Installation Page for Node/VM/EC2.

Step 4 : Attacking and Preventing the First Attack

For demonstration purposes we run a deliberately insecure application in a Docker container and load it with the K2 Node.js language agent downloaded in Step 3. The host directory /opt/k2-ic is mounted into the container so that the agent is present at the path passed to --require:

docker run -v /opt/k2-ic:/opt/k2-ic \
  -e K2_OPTS="--require /opt/k2-ic/k2-njs-agent" \
  -itd -p 8080:8080 --name syscall_node \
  k2cyber/test_application:k2-node-vulnerable-perf

Note that this image is intentionally vulnerable and -p 8080:8080 publishes it on every interface of the host. Run it only on an isolated test machine, or bind it to loopback with -p 127.0.0.1:8080:8080 so that only local requests (such as the curl command below) can reach it.

SQL Injection Attack

Send a login request whose email field carries a classic tautology. URL-decoded, the form body is email=admin' OR '1'='1&password=-- ; the '\'' sequences in the command are only shell quoting for the single quotes inside the payload.

curl -X POST \
http://localhost:8080/users/sqli \
-H 'accept: */*' \
-H 'cache-control: no-cache' \
-H 'content-type: application/x-www-form-urlencoded' \
-H 'user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36' \
-d 'email=admin'\''%20OR%20'\''1'\''%3D'\''1&password=--'

Now go to the Attacks section in K2 Manager; you will see one attack captured there. Alternatively, open Attacks in the K2 Portal.

Congratulations, you have successfully prevented a SQL injection attack.

What Next?

If you are interested in seeing the other kinds of attacks the K2 Platform prevents, check out the page below.

Run Demo Exploits
