Added Docker support to ease deployment

Matt Yaraskavitch · Matt Yaraskavitch · commit da7b5ee3474a · 2017-09-13T11:27:06.000-04:00
Instead of needing to spin up a VM, the vulnerable application can
simply be run via Docker using docker-compose. Default MySQL path
has been adjusted to point to the MySQL image.
diff --git a/.gitignore b/.gitignore
@@ -1,5 +1,5 @@
 
-# Created by https://www.gitignore.io/api/code-java,java,maven
+# Created by https://www.gitignore.io/api/vim,java,maven,eclipse,code-java
 
 ### Code-Java ###
 # Language Support for Java(TM) by Red Hat extension for Visual Studio Code - https://marketplace.visualstudio.com/items?itemName=redhat.java
@@ -8,9 +8,70 @@
 .classpath
 factoryConfiguration.json
 
+### Eclipse ###
+
+.metadata
+bin/
+tmp/
+*.tmp
+*.bak
+*.swp
+*~.nib
+local.properties
+.settings/
+.loadpath
+.recommenders
+
+# External tool builders
+.externalToolBuilders/
+
+# Locally stored "Eclipse launch configurations"
+*.launch
+
+# PyDev specific (Python IDE for Eclipse)
+*.pydevproject
+
+# CDT-specific (C/C++ Development Tooling)
+.cproject
+
+# Java annotation processor (APT)
+.factorypath
+
+# PDT-specific (PHP Development Tools)
+.buildpath
+
+# sbteclipse plugin
+.target
+
+# Tern plugin
+.tern-project
+
+# TeXlipse plugin
+.texlipse
+
+# STS (Spring Tool Suite)
+.springBeans
+
+# Code Recommenders
+.recommenders/
+
+# Scala IDE specific (Scala & Java development for Eclipse)
+.cache-main
+.scala_dependencies
+.worksheet
+
+### Eclipse Patch ###
+# Eclipse Core
+
+# JDT-specific (Eclipse Java Development Tools)
+
 ### Java ###
+# Compiled class file
 *.class
 
+# Log file
+*.log
+
 # BlueJ files
 *.ctxt
 
@@ -21,6 +82,9 @@ factoryConfiguration.json
 *.jar
 *.war
 *.ear
+*.zip
+*.tar.gz
+*.rar
 
 # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
 hs_err_pid*
@@ -36,8 +100,21 @@ dependency-reduced-pom.xml
 buildNumber.properties
 .mvn/timing.properties
 
-# Exclude maven wrapper
+# Avoid ignoring Maven wrapper jar file (.jar files are usually ignored)
 !/.mvn/wrapper/maven-wrapper.jar
 
-# End of https://www.gitignore.io/api/code-java,java,maven
-0
+### Vim ###
+# swap
+[._]*.s[a-v][a-z]
+[._]*.sw[a-p]
+[._]s[a-v][a-z]
+[._]sw[a-p]
+# session
+Session.vim
+# temporary
+.netrwhist
+*~
+# auto-generated tag files
+tags
+
+# End of https://www.gitignore.io/api/vim,java,maven,eclipse,code-java
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,18 @@
+FROM tomcat:8.5.20-jre8
+
+RUN pwd
+RUN ls
+
+COPY . /code
+WORKDIR /code
+
+RUN apt-get update && apt-get install -y --no-install-recommends \
+		maven \
+		openjdk-8-jdk
+
+RUN mvn clean
+RUN mvn package
+
+RUN cp target/JavaVulnerableLab.war /usr/local/tomcat/webapps/
+
+CMD ["catalina.sh", "run"]
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -0,0 +1,14 @@
+version: '3'
+
+services:
+        db:
+                image: mysql:5.7
+                environment:
+                        MYSQL_ROOT_PASSWORD: root
+        tomcat:
+                build: .
+                ports:
+                        - 8080:8080
+                        - 3306:3306
+                depends_on:
+                        - db
diff --git a/src/main/webapp/WEB-INF/config.properties b/src/main/webapp/WEB-INF/config.properties
@@ -5,6 +5,6 @@
 dbuser=root
 dbpass=root
 dbname=abc
-dburl=jdbc:mysql://localhost:3306/
+dburl=jdbc:mysql://db:3306/
 jdbcdriver=com.mysql.jdbc.Driver
 siteTitle=Java Vulnerable Lab
diff --git a/src/main/webapp/install.jsp b/src/main/webapp/install.jsp
@@ -2,27 +2,27 @@
 
   <%@ include file="/header.jsp" %>
 
- 
+
 <form action="Install" method="POST">
-<table> 
+<table>
     <tr><td>Website Title:</td> <td><input type="text" name="siteTitle" value="Java Vulnerable Lab"/></td></tr>
     <tr><td>Database Name:</td> <td><input type="text" name="dbname" value="abc"/></td></tr>
     <tr><td>Database User:</td> <td><input type="text" name="dbuser" value="root"/></td></tr>
      <tr><td>Database Password:</td> <td><input type="text" name="dbpass" value="root"/></td></tr>
        <tr><td>JDBC Driver:</td> <td><input type="text" name="jdbcdriver" value="com.mysql.jdbc.Driver"/></td></tr>
-       <tr><td>JDBC URL:</td> <td><input type="text" name="dburl" value="jdbc:mysql://localhost:3306/"/></td></tr>
+       <tr><td>JDBC URL:</td> <td><input type="text" name="dburl" value="jdbc:mysql://db:3306/"/></td></tr>
        <tr><td>Admin Login Credential:</td></tr>
        <tr><td>Username(Default):</td> <td><input type="text" name="adminuser" value="admin"/></td></tr>
        <tr><td>Password(Default):</td> <td><input type="text" name="adminpass" value="admin"/></td></tr>
-       
+
        <tr><td></td></tr>
     <input type="hidden" value="1" name="setup"/>
     <tr><td></td> <td><input type="submit" value="Install" name="Install"/></td></tr>
-</table>  
+</table>
 </form>
-<br/>  
+<br/>
 Note:<b style="color:red">If a database already exits, it will be dropped </b>
- 
+
 
 
   <%@ include file="/footer.jsp" %>
