Deploying AcuSensor for Node.js - Docker
🔍 AcuSensor Network PreRequisites |
AcuSensor makes use of the AcuSensor Bridge. Read more information here. |
The most principled way of deploying AcuSensor in a Docker scenario is to simply layer the AcuSensor modifications onto your already existing container definition. This simple example will demonstrate how you can deploy AcuSensor together with your web application.
🔍 Supported Servers and Frameworks |
See the manual page Deploying AcuSensor for .Node.js for information regarding supported servers and frameworks. |
Create your Target in Acunetix
For this example, we will assume that the URL for your target is http://acunetixexample.com:60000. Create a target with your URL, enable AcuSensor, download the AcuSensor agent file node-acusensor.tar, and save this file for use later on.
Define the Web Application image
This simple web application will be defined through the following file structure:
/testnodejs-docker/ /testnodejs-docker/Dockerfile /testnodejs-docker/src/app.js /testnodejs-docker/src/package.json |
Create your /testnodejs-docker/Dockerfile file to read as follows:
FROM node:12 #setup the web pages COPY src/. . #install npm and dependencies RUN npm install |
Create your /testnodejs-docker/src/app.js file to read as follows:
const app = require('express')(); const port = 60000; app.get('/', function (req, res) { res.send( '<html><body>' + '<h1>AcuSensor Example for Node.JS</h1>' + '<br>' + 'Hello World! - Main Page' + '<br>' + '<a href="/page1">Goto Page 1</a>' + '</body></html>' ); }); app.get('/page1', function (req, res) { res.send( '<html><body>' + '<h1>AcuSensor Example for Node.JS</h1>' + '<br>' + 'Hello World! - Page 1' + '<br>' + '<a href="/">Goto Main Page</a>' + '</body></html>' ); }); app.listen(port, function(err){ if (err) console.log(err); console.log("Server listening on port: ", port); }); |
Create your /testnodejs-docker/src/package.json file to read as follows:
{ "name": "testnodejs-docker", "version": "1.0.0", "dependencies": { "express": "*" } } |
Finally, build the image with:
cd /testnodejs-docker docker build -t testnodejs-docker . |
Define the AcuSensor layer image
The AcuSensor layer will be defined through the following file structure:
/testnodejs-docker-acusensor/ /testnodejs-docker-acusensor/Dockerfile /testnodejs-docker-acusensor/node-acusensor.tar |
Copy the node-acusensor.tar file you created in the first step to your docker host into the /testnodejs-docker-acusensor directory.
Create your /testnodejs-docker-acusensor/Dockerfile file to read as follows:
FROM testnodejs-docker #setup and install AcuSensor RUN mkdir /acusensor COPY node-acusensor.tar /acusensor/node-acusensor.tar #expose port and launch the app with AcuSensor EXPOSE 60000 CMD [ "npx", "/acusensor/node-acusensor.tar", "app.js" ] |
Build and run your image with:
cd /testnodejs-docker-acusensor docker build -t testnodejs-docker-acusensor . docker run -d -p 60000:60000 --name mytestnodejs testnodejs-docker-acusensor |
Test and scan your web application
Point your browser to your web application - in this example http://acunetixexample.com:60000 to confirm it is running as intended; you will get the following:
Finally, run a scan on your target; the Activity panel will confirm that AcuSensor was detected and used for the scan.