{"id":29944,"date":"2023-05-27T16:18:03","date_gmt":"2023-10-17T08:12:59","guid":{"rendered":"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90%e4%bd%bf%e7%94%a8docker%e6%90%ad%e5%bb%banode-jsexpressmongodb%e7%8e%af%e5%a2%83%e3%80%912021%e5%b9%b4%ef%bc%88%e7%94%a8%e4%ba%8ectf%e7%9a%84nosqli%e7%bb%83%e4%b9%a0%e6%9c%8d%e5%8a%a1\/"},"modified":"2025-08-12T16:43:01","modified_gmt":"2025-08-12T08:43:01","slug":"%e3%80%90%e4%bd%bf%e7%94%a8docker%e6%90%ad%e5%bb%banode-jsexpressmongodb%e7%8e%af%e5%a2%83%e3%80%912021%e5%b9%b4%ef%bc%88%e7%94%a8%e4%ba%8ectf%e7%9a%84nosqli%e7%bb%83%e4%b9%a0%e6%9c%8d%e5%8a%a1","status":"publish","type":"post","link":"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90%e4%bd%bf%e7%94%a8docker%e6%90%ad%e5%bb%banode-jsexpressmongodb%e7%8e%af%e5%a2%83%e3%80%912021%e5%b9%b4%ef%bc%88%e7%94%a8%e4%ba%8ectf%e7%9a%84nosqli%e7%bb%83%e4%b9%a0%e6%9c%8d%e5%8a%a1\/","title":{"rendered":"\u3010\u4f7f\u7528Docker\u642d\u5efaNode.js+Express+MongoDB\u73af\u5883\u30112021\u5e74\uff08\u7528\u4e8eCTF\u7684NoSQLi\u7ec3\u4e60\u670d\u52a1\u5668\uff09"},"content":{"rendered":"

\u8fd9\u662f\u4ec0\u4e48\uff1fMongoDB\u306b\u5bfe\u3059\u308bNoSQL Injection\u3092\u984c\u6750\u3068\u3057\u305fCTF\u306e\u554f\u984c\u30b5\u30fc\u30d0\u30fc\u3092\u7528\u610f\u3057\u305f\u304f\u4f5c\u6210\u3057\u305f\u306e\u3067\u5b9f\u7528\u306b\u306f\u5411\u3044\u3066\u307e\u305b\u3093\u3002
\nm1z0r3\u3068\u3044\u3046CTF\u30c1\u30fc\u30e0\u306e\u52c9\u5f37\u4f1a\u7528\u306b\u4f5c\u6210\u3057\u305f\u306e\u3067\u6240\u3005m1z0r3\u3068\u304bmizore\u3068\u304b\u3042\u308a\u307e\u3059\u3002
\nhttps:\/\/qiita.com\/sho_U\/items\/43f6483aac8ca45a12f6 \u306e\u8a18\u4e8b\u3092\u53c2\u8003\u306b\u4f5c\u3089\u305b\u3066\u3044\u305f\u3060\u304d\u307e\u3057\u305f\u3002<\/p>\n

\u51c6\u5907\u7684\u6587\u4ef6\u4eec<\/p>\n

\u6574\u4f53\u7684\u56fe\u50cf<\/p>\n
\u251c\u2500\u2500 .env\r\n\u251c\u2500\u2500 .gitignore\r\n\u251c\u2500\u2500 Dockerfile\r\n\u251c\u2500\u2500 challenge\r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 controller\r\n\u2502\u00a0\u00a0 \u2502\u00a0\u00a0 \u2514\u2500\u2500 initUserController.js\r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 index.js\r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 models\r\n\u2502\u00a0\u00a0 \u2502\u00a0\u00a0 \u2514\u2500\u2500 User.js\r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 package.json\r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 routes\r\n\u2502\u00a0\u00a0 \u2502\u00a0\u00a0 \u2514\u2500\u2500 index.js\r\n\u2502\u00a0\u00a0 \u2514\u2500\u2500 views\r\n\u2502\u00a0\u00a0     \u251c\u2500\u2500 index.ejs\r\n\u2502\u00a0\u00a0     \u2514\u2500\u2500 js\r\n\u2502\u00a0\u00a0         \u2514\u2500\u2500 main.js\r\n\u251c\u2500\u2500 data\r\n\u2502\u00a0\u00a0 \u2514\u2500\u2500 db (\u7a7a\u30c7\u30a3\u30ec\u30af\u30c8\u30ea)\r\n\u251c\u2500\u2500 docker-compose.yml\r\n\u251c\u2500\u2500 secret_file\r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 db.env\r\n\u2502\u00a0\u00a0 \u2514\u2500\u2500 db_init\r\n\u2502\u00a0\u00a0     \u2514\u2500\u2500 mongo_init_user.js\r\n\u251c\u2500\u2500 setup.sh\r\n\u2514\u2500\u2500 src (\u7a7a\u30c7\u30a3\u30ec\u30af\u30c8\u30ea)\r\n<\/code><\/pre>\n
\u5404\u4e2a\u6587\u4ef6\u7684\u5185\u5bb9<\/p>\n
MONGO_INITDB_ROOT_USERNAME<\/span>=<<\/span>mongoDB<\/span>\u306e<\/span>root<\/span>\u306e\u30e6\u30fc\u30b6\u30fc\u540d<\/span>><\/span>\r\nMONGO_INITDB_ROOT_PASSWORD<\/span>=<<\/span>mongoDB<\/span>\u306e<\/span>root<\/span>\u306e\u30d1\u30b9\u30ef\u30fc\u30c9<\/span>><\/span>\r\nMONGO_INITDB_DATABASE<\/span>=<<\/span>mongoDB<\/span>\u306e\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u540d<\/span>><\/span>\r\n<\/code><\/pre>\n
node_modules<\/span>\/<\/span>    \r\ndata<\/span>\/<\/span>    \r\nsecret_file<\/span>\/<\/span>\r\n<\/code><\/pre>\n
FROM<\/span> node:12    <\/span>\r\nWORKDIR<\/span> \/app<\/span>\r\nRUN <\/span>apt-get update &&<\/span> apt-get install<\/span> -y<\/span> vim    \r\nRUN <\/span>npm install<\/span>\r\n<\/code><\/pre>\n
version<\/span>:<\/span> '<\/span>3'<\/span>\r\nservices<\/span>:<\/span>\r\n  app<\/span>:<\/span>\r\n    build<\/span>:<\/span> .\/<\/span>\r\n    container_name<\/span>:<\/span> nosqli-web<\/span>\r\n    ports<\/span>:<\/span>\r\n      -<\/span> \"<\/span>3004:3000\"<\/span>\r\n    restart<\/span>:<\/span> always<\/span>\r\n    working_dir<\/span>:<\/span> \/app<\/span>\r\n    tty<\/span>:<\/span> true<\/span>\r\n    volumes<\/span>:<\/span>\r\n      -<\/span> .\/src:\/app<\/span>\r\n    env_file<\/span>:<\/span>\r\n      -<\/span> .\/secret_file\/db.env<\/span>\r\n    command<\/span>:<\/span> bash<\/span>\r\n    networks<\/span>:<\/span>\r\n      -<\/span> mizore-network<\/span>\r\n    depends_on<\/span>:<\/span>\r\n      -<\/span> mongo<\/span>\r\n  mongo<\/span>:<\/span>\r\n    image<\/span>:<\/span> mongo:latest<\/span>\r\n    container_name<\/span>:<\/span> nosqli-db<\/span>\r\n    ports<\/span>:<\/span>\r\n      -<\/span> \"<\/span>3005:27017\"<\/span>\r\n    restart<\/span>:<\/span> always<\/span>\r\n    environment<\/span>:<\/span>\r\n      MONGO_INITDB_ROOT_USERNAME<\/span>:<\/span> ${MONGO_INITDB_ROOT_USERNAME}<\/span>\r\n      MONGO_INITDB_ROOT_PASSWORD<\/span>:<\/span> ${MONGO_INITDB_ROOT_PASSWORD}<\/span>\r\n      MONGO_INITDB_DATABASE<\/span>:<\/span> ${MONGO_INITDB_DATABASE}<\/span>\r\n    volumes<\/span>:<\/span>\r\n      -<\/span> .\/data\/db:\/data\/db<\/span>\r\n      -<\/span> .\/secret_file\/db_init\/:\/docker-entrypoint-initdb.d<\/span>\r\n    env_file<\/span>:<\/span>\r\n      -<\/span> .\/secret_file\/db.env<\/span>\r\n    command<\/span>:<\/span>\r\n      -<\/span> mongod<\/span>\r\n    networks<\/span>:<\/span>\r\n      -<\/span> mizore-network<\/span>\r\nnetworks<\/span>:<\/span>\r\n  mizore-network<\/span>:<\/span> (\u3053\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u540d\u306f\u9069\u5f53\u306b\u5909\u3048\u308b)<\/span>\r\n    external<\/span>:<\/span> true<\/span>\r\n<\/code><\/pre>\n
DB_USER<\/span>=<<\/span>mongoDB<\/span>\u306e\u30e6\u30fc\u30b6\u30fc\u540d<\/span>(<\/span>\u81ea\u5206\u306f<\/span>.<\/span>env<\/span>\u3068\u540c\u3058\u306b\u3057\u305f<\/span>)<\/span>><\/span>\r\nDB_PASS<\/span>=<<\/span>mongoDB<\/span>\u306e\u30d1\u30b9\u30ef\u30fc\u30c9<\/span>(<\/span>\u81ea\u5206\u306f<\/span>.<\/span>env<\/span>\u3068\u540c\u3058\u306b\u3057\u305f<\/span>)<\/span>><\/span>\r\nDB_NAME<\/span>=<<\/span>mongoDB<\/span>\u306e\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u540d<\/span>(<\/span>\u81ea\u5206\u306f<\/span>.<\/span>env<\/span>\u3068\u540c\u3058\u306b\u3057\u305f<\/span>)<\/span>><\/span>\r\n<\/code><\/pre>\n
let<\/span> users<\/span> =<\/span> [<\/span>\r\n  {<\/span>\r\n    user: <\/span>\"<mongoDB\u306e\u30e6\u30fc\u30b6\u30fc\u540d(\u3053\u308c\u3082\u81ea\u5206\u306f.env\u3068\u540c\u3058\u306b\u3057\u305f)>\"<\/span>,<\/span>\r\n    pwd: <\/span>\"<mongoDB\u306e\u30d1\u30b9\u30ef\u30fc\u30c9(\u3053\u308c\u3082\u81ea\u5206\u306f.env\u3068\u540c\u3058\u306b\u3057\u305f)>\"<\/span>,<\/span>\r\n    roles: <\/span>[<\/span>\r\n      {<\/span>\r\n        role: <\/span>\"dbOwner\"<\/span>,<\/span>\r\n        db: <\/span>\"<mongoDB\u306e\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u540d(\u3053\u308c\u3082\u81ea\u5206\u306f.env\u3068\u540c\u3058\u306b\u3057\u305f)>\"<\/span>\r\n      }<\/span>\r\n    ]<\/span>\r\n  }<\/span>\r\n];<\/span>\r\n\r\nfor<\/span> (<\/span>let<\/span> i<\/span> =<\/span> 0<\/span>,<\/span> length<\/span> =<\/span> users<\/span>.<\/span>length<\/span>;<\/span> i<\/span> <<\/span> length<\/span>;<\/span> ++<\/span>i<\/span>)<\/span> {<\/span>\r\n  db<\/span>.<\/span>createUser<\/span>(<\/span>users<\/span>[<\/span>i<\/span>]);<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
const<\/span> InitUser<\/span> =<\/span> require<\/span>(<\/span>'<\/span>..\/models\/User<\/span>'<\/span>);<\/span>\r\n\r\nconst<\/span> user<\/span> =<\/span> ()<\/span> =><\/span> {<\/span>\r\n    let<\/span> initUser<\/span> =<\/span> new<\/span> InitUser<\/span>({<\/span>\r\n        username<\/span>:<\/span> \"<\/span>admin<\/span>\"<\/span>,<\/span>\r\n        password<\/span>:<\/span> \"<\/span>m1z0r3{...flag....}<\/span>\"<\/span>\r\n    })<\/span>\r\n    initUser<\/span>.<\/span>save<\/span>((<\/span>error<\/span>,<\/span> data<\/span>)<\/span> =><\/span> {<\/span>\r\n        if<\/span> (<\/span>error<\/span>)<\/span> {<\/span>\r\n            console<\/span>.<\/span>log<\/span>(<\/span>error<\/span>);<\/span>\r\n        }<\/span>\r\n        console<\/span>.<\/span>log<\/span>(<\/span>data<\/span>);<\/span>\r\n    })<\/span>\r\n\r\n    let<\/span> initUser2<\/span> =<\/span> new<\/span> InitUser<\/span>({<\/span>\r\n        username<\/span>:<\/span> \"<\/span>admin<\/span>\"<\/span>,<\/span>\r\n        password<\/span>:<\/span> \"<\/span>mmmmmmimmmmmmm_mm_mmmmmi<\/span>\"<\/span>\r\n    })<\/span>\r\n    initUser2<\/span>.<\/span>save<\/span>((<\/span>error<\/span>,<\/span> data<\/span>)<\/span> =><\/span> {<\/span>\r\n        if<\/span> (<\/span>error<\/span>)<\/span> {<\/span>\r\n            console<\/span>.<\/span>log<\/span>(<\/span>error<\/span>);<\/span>\r\n        }<\/span>\r\n        console<\/span>.<\/span>log<\/span>(<\/span>data<\/span>);<\/span>\r\n    })<\/span>\r\n\r\n    let<\/span> initUser3<\/span> =<\/span> new<\/span> InitUser<\/span>({<\/span>\r\n        username<\/span>:<\/span> \"<\/span>test<\/span>\"<\/span>,<\/span>\r\n        password<\/span>:<\/span> \"<\/span>passwd<\/span>\"<\/span>\r\n    })<\/span>\r\n    initUser3<\/span>.<\/span>save<\/span>((<\/span>error<\/span>,<\/span> data<\/span>)<\/span> =><\/span> {<\/span>\r\n        if<\/span> (<\/span>error<\/span>)<\/span> {<\/span>\r\n            console<\/span>.<\/span>log<\/span>(<\/span>error<\/span>);<\/span>\r\n        }<\/span>\r\n        console<\/span>.<\/span>log<\/span>(<\/span>data<\/span>);<\/span>\r\n    })<\/span>\r\n}<\/span>\r\n\r\nmodule<\/span>.<\/span>exports<\/span> =<\/span> {<\/span> user<\/span> };<\/span>\r\n<\/code><\/pre>\n
const<\/span> express<\/span>    =<\/span> require<\/span>(<\/span>\"<\/span>express<\/span>\"<\/span>);<\/span>\r\nconst<\/span> app<\/span>        =<\/span> express<\/span>();<\/span>\r\nconst<\/span> bodyParser<\/span> =<\/span> require<\/span>(<\/span>\"<\/span>body-parser<\/span>\"<\/span>);<\/span>\r\nconst<\/span> routes<\/span>     =<\/span> require<\/span>(<\/span>\"<\/span>.\/routes<\/span>\"<\/span>);<\/span>\r\nconst<\/span> mongoose<\/span>   =<\/span> require<\/span>(<\/span>\"<\/span>mongoose<\/span>\"<\/span>);<\/span>\r\n\r\nmongoose<\/span>.<\/span>connect<\/span>(<\/span>\r\n  `mongodb:\/\/<\/span>${<\/span>process<\/span>.<\/span>env<\/span>.<\/span>DB_USER<\/span>}<\/span>:<\/span>${<\/span>process<\/span>.<\/span>env<\/span>.<\/span>DB_PASS<\/span>}<\/span>@mongo:27017\/<\u5148\u7a0b\u306emongoDB\u306e\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u540d>`<\/span>,<\/span>\r\n  {<\/span> useNewUrlParser<\/span>:<\/span> true<\/span>,<\/span> useUnifiedTopology<\/span>:<\/span> true<\/span> }<\/span>\r\n);<\/span>\r\n\/\/ \"@mongo\" \u306emongo\u306fdocker-compose.yml\u306e \"mongo:\" \u306b\u5bfe\u5fdc\u3057\u3066\u3044\u308b\u306e\u3067localhost\u3068\u304b\u3058\u3083\u3067\u304d\u306a\u3044\u306e\u3067\u6ce8\u610f<\/span>\r\n\/\/ \u5f8c\u30dd\u30fc\u30c8\u306e27017\u306f\u30b3\u30f3\u30c6\u30ca\u5074\u306e\u30dd\u30fc\u30c8(\":\"\u3067\u533a\u5207\u3063\u305f\u6642\u306e\u53f3\u306e\u65b9)<\/span>\r\n\/\/ { useNewUrlParser: true, useUnifiedTopology: true } \u306e\u90e8\u5206\u306f\u3053\u308c\u3092\u4e38\u30b3\u30d4(\u4ed6\u306e\u3060\u3068\u3046\u307e\u304f\u884c\u304b\u306a\u3044\u3068\u3044\u3046\u8a18\u4e8b\u3092\u307f\u305f)<\/span>\r\n\r\napp<\/span>.<\/span>use<\/span>(<\/span>bodyParser<\/span>.<\/span>json<\/span>());<\/span>\r\napp<\/span>.<\/span>use<\/span>(<\/span>bodyParser<\/span>.<\/span>urlencoded<\/span>({<\/span>\r\n  extended<\/span>:<\/span> true<\/span>\r\n}));<\/span>\r\n\r\napp<\/span>.<\/span>set<\/span>(<\/span>'<\/span>view engine<\/span>'<\/span>,<\/span> \"<\/span>ejs<\/span>\"<\/span>);<\/span>\r\n\r\napp<\/span>.<\/span>use<\/span>(<\/span>routes<\/span>);<\/span>\r\n\r\n\/\/ \u6700\u521d \/initUser \u306b\u30a2\u30af\u30bb\u30b9\u3057\u3066mongoDB\u306b\u30e6\u30fc\u30b6\u30fc(\u30c7\u30fc\u30bf\u3068\u3057\u3066\u306e\u30e6\u30fc\u30b6\u30fc\u3001mongoDB\u306e\u8a8d\u8a3c\u95a2\u9023\u306e\u30e6\u30fc\u30b6\u30fc\u3058\u3083\u306a\u3044)\u306e\u30c7\u30fc\u30bf\u3092\u5165\u308c\u308b\u3002<\/span>\r\nconst<\/span> initUserController<\/span> =<\/span> require<\/span>(<\/span>\"<\/span>.\/controller\/initUserController<\/span>\"<\/span>);<\/span>\r\napp<\/span>.<\/span>get<\/span>(<\/span>\"<\/span>\/initUser<\/span>\"<\/span>,<\/span> initUserController<\/span>.<\/span>user<\/span>);<\/span>\r\n\r\napp<\/span>.<\/span>all<\/span>(<\/span>\"<\/span>*<\/span>\"<\/span>,<\/span> (<\/span>req<\/span>,<\/span> res<\/span>)<\/span> =><\/span> {<\/span>\r\n  return<\/span> res<\/span>.<\/span>status<\/span>(<\/span>404<\/span>).<\/span>send<\/span>({<\/span>\r\n    message<\/span>:<\/span> '<\/span>404 page not found<\/span>'<\/span>\r\n  });<\/span>\r\n});<\/span>\r\n\r\napp<\/span>.<\/span>listen<\/span>(<\/span>3000<\/span>,<\/span> ()<\/span> =><\/span> console<\/span>.<\/span>log<\/span>(<\/span>\"<\/span>Listening on port 3004<\/span>\"<\/span>));<\/span>\r\n\/\/ 3000\u306f\u30b3\u30f3\u30c6\u30ca\u306e\u65b9\u306e\u30dd\u30fc\u30c8\u3067\u30013004\u306f\u30db\u30b9\u30c8\u3067\u5b9f\u969b\u306b\u958b\u3044\u3066\u308b\u30dd\u30fc\u30c8<\/span>\r\n<\/code><\/pre>\n
{<\/span>\r\n  \"name\"<\/span>:<\/span> \"mizore-app\"<\/span>,<\/span>\r\n  \"version\"<\/span>:<\/span> \"0.0.0\"<\/span>,<\/span>\r\n  \"private\"<\/span>:<\/span> true<\/span>,<\/span>\r\n  \"scripts\"<\/span>:<\/span> {<\/span>\r\n    \"start\"<\/span>:<\/span> \"nodemon .\/bin\/www\"<\/span>\r\n  },<\/span>\r\n  \"dependencies\"<\/span>:<\/span> {<\/span>\r\n    \"bcrypt\"<\/span>:<\/span> \"^5.0.0\"<\/span>,<\/span>\r\n    \"body-parser\"<\/span>:<\/span> \"^1.19.0\"<\/span>,<\/span>\r\n    \"connect-flash\"<\/span>:<\/span> \"^0.1.1\"<\/span>,<\/span>\r\n    \"cookie-parser\"<\/span>:<\/span> \"~1.4.4\"<\/span>,<\/span>\r\n    \"debug\"<\/span>:<\/span> \"~2.6.9\"<\/span>,<\/span>\r\n    \"ejs\"<\/span>:<\/span> \"^3.1.5\"<\/span>,<\/span>\r\n    \"express\"<\/span>:<\/span> \"~4.16.1\"<\/span>,<\/span>\r\n    \"express-ejs-layouts\"<\/span>:<\/span> \"^2.5.0\"<\/span>,<\/span>\r\n    \"express-generator\"<\/span>:<\/span> \"^4.16.1\"<\/span>,<\/span>\r\n    \"express-session\"<\/span>:<\/span> \"^1.17.1\"<\/span>,<\/span>\r\n    \"express-validator\"<\/span>:<\/span> \"^6.7.0\"<\/span>,<\/span>\r\n    \"http-errors\"<\/span>:<\/span> \"~1.6.3\"<\/span>,<\/span>\r\n    \"http-status-codes\"<\/span>:<\/span> \"^2.1.4\"<\/span>,<\/span>\r\n    \"method-override\"<\/span>:<\/span> \"^3.0.0\"<\/span>,<\/span>\r\n    \"mongoose\"<\/span>:<\/span> \"^5.11.9\"<\/span>,<\/span>\r\n    \"morgan\"<\/span>:<\/span> \"~1.9.1\"<\/span>,<\/span>\r\n    \"nodemon\"<\/span>:<\/span> \"^2.0.6\"<\/span>,<\/span>\r\n    \"passport\"<\/span>:<\/span> \"^0.4.1\"<\/span>,<\/span>\r\n    \"passport-local-mongoose\"<\/span>:<\/span> \"^6.0.1\"<\/span>\r\n  }<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
const<\/span> mongoose<\/span> =<\/span> require<\/span>(<\/span>\"<\/span>mongoose<\/span>\"<\/span>);<\/span>\r\nconst<\/span> Schema<\/span>   =<\/span> mongoose<\/span>.<\/span>Schema<\/span>;<\/span>\r\n\r\nlet<\/span> User<\/span> =<\/span> new<\/span> Schema<\/span>({<\/span>\r\n  username<\/span>:<\/span> {<\/span>\r\n        type<\/span>:<\/span> String<\/span>\r\n    },<\/span>\r\n  password<\/span>:<\/span> {<\/span>\r\n        type<\/span>:<\/span> String<\/span>\r\n    }<\/span>\r\n},<\/span> {<\/span>\r\n    collection<\/span>:<\/span> '<\/span>users<\/span>'<\/span>\r\n});<\/span>\r\n\r\nmodule<\/span>.<\/span>exports<\/span> =<\/span> mongoose<\/span>.<\/span>model<\/span>(<\/span>\"<\/span>User<\/span>\"<\/span>,<\/span> User<\/span>);<\/span>\r\n<\/code><\/pre>\n
var<\/span> express<\/span> =<\/span> require<\/span>(<\/span>'<\/span>express<\/span>'<\/span>);<\/span>\r\nvar<\/span> router<\/span>  =<\/span> express<\/span>.<\/span>Router<\/span>();<\/span>\r\nvar<\/span> User<\/span>    =<\/span> require<\/span>(<\/span>\"<\/span>..\/models\/User<\/span>\"<\/span>);<\/span>\r\n\r\n\/* GET home page. *\/<\/span>\r\nrouter<\/span>.<\/span>get<\/span>(<\/span>'<\/span>\/<\/span>'<\/span>,<\/span> function<\/span>(<\/span>req<\/span>,<\/span> res<\/span>,<\/span> next<\/span>)<\/span> {<\/span>\r\n  res<\/span>.<\/span>render<\/span>(<\/span>'<\/span>index<\/span>'<\/span>,<\/span> {<\/span> title<\/span>:<\/span> '<\/span>Express<\/span>'<\/span> });<\/span>\r\n});<\/span>\r\n\r\nrouter<\/span>.<\/span>post<\/span>(<\/span>\"<\/span>\/login<\/span>\"<\/span>,<\/span> (<\/span>req<\/span>,<\/span> res<\/span>)<\/span> =><\/span> {<\/span>\r\n  let<\/span> {<\/span> username<\/span>,<\/span> password<\/span> }<\/span> =<\/span> req<\/span>.<\/span>body<\/span>;<\/span>\r\n\r\n  if<\/span>(<\/span>username<\/span> &&<\/span> password<\/span>)<\/span> {<\/span>\r\n    return<\/span> User<\/span>.<\/span>find<\/span>({<\/span>\r\n      username<\/span>,<\/span> password<\/span>\r\n    })<\/span>\r\n    .<\/span>then<\/span>((<\/span>user<\/span>)<\/span> =><\/span> {<\/span>\r\n      if<\/span>(<\/span>user<\/span>.<\/span>length<\/span> ==<\/span> 1<\/span>)<\/span> {<\/span>\r\n        return<\/span> res<\/span>.<\/span>json<\/span>({<\/span>logged<\/span>:<\/span> 1<\/span>,<\/span> message<\/span>:<\/span> `Login Successful, welcome back <\/span>${<\/span>user<\/span>[<\/span>0<\/span>].<\/span>username<\/span>}<\/span> : <\/span>${<\/span>user<\/span>[<\/span>0<\/span>].<\/span>password<\/span>}<\/span>`<\/span> });<\/span>\r\n      }<\/span> else<\/span> {<\/span>\r\n        return<\/span> res<\/span>.<\/span>json<\/span>({<\/span>logged<\/span>:<\/span> 0<\/span>,<\/span> message<\/span>:<\/span> `Login Failed`<\/span>});<\/span>\r\n      }<\/span>\r\n    })<\/span>\r\n    .<\/span>catch<\/span>(()<\/span> =><\/span> res<\/span>.<\/span>json<\/span>({<\/span> message<\/span>:<\/span> \"<\/span>Something went wrong<\/span>\"<\/span> }));<\/span>\r\n  }<\/span>\r\n  return<\/span> res<\/span>.<\/span>json<\/span>({<\/span> message<\/span>:<\/span> \"<\/span>Invalid username or password<\/span>\"<\/span> });<\/span>\r\n});<\/span>\r\n\r\nmodule<\/span>.<\/span>exports<\/span> =<\/span> router<\/span>;<\/span>\r\n<\/code><\/pre>\n
<!DOCTYPE html><\/span>\r\n<html><\/span>\r\n  <head><\/span>\r\n    <title><\/span>NoSQLi Practice<\/title><\/span>\r\n    <link<\/span> rel=<\/span>'stylesheet'<\/span> href=<\/span>'\/stylesheets\/style.css'<\/span> \/><\/span>\r\n  <\/head><\/span>\r\n  <body><\/span>\r\n    <h1><\/span>NoSQLi Practice<\/h1><\/span>\r\n        <p><\/span>Search User here<\/p><\/span>\r\n        <form<\/span> action=<\/span>\"\/login\"<\/span> method=<\/span>\"post\"<\/span>><\/span>\r\n            <label<\/span> for=<\/span>\"username\"<\/span>><\/span>username:<\/label><\/span>\r\n            <input<\/span> type=<\/span>\"text\"<\/span> id=<\/span>\"username\"<\/span> name=<\/span>\"username\"<\/span>><br\/><\/span>\r\n            <label<\/span> for=<\/span>\"password\"<\/span>><\/span>password:<\/label><\/span>\r\n            <input<\/span> type=<\/span>\"text\"<\/span> id=<\/span>\"password\"<\/span> name=<\/span>\"password\"<\/span>><br\/><\/span>\r\n            <input<\/span> type=<\/span>\"submit\"<\/span> value=<\/span>\"login\"<\/span>><\/span>\r\n        <\/form><\/span>\r\n  <\/body><\/span>\r\n<\/html><\/span>\r\n<\/code><\/pre>\n
const<\/span> login<\/span>    =<\/span> document<\/span>.<\/span>getElementById<\/span>(<\/span>\"<\/span>login<\/span>\"<\/span>);<\/span>\r\nconst<\/span> response<\/span> =<\/span> document<\/span>.<\/span>getElementById<\/span>(<\/span>\"<\/span>response<\/span>\"<\/span>);<\/span>\r\n\r\nlogin<\/span>.<\/span>addEventListener<\/span>(<\/span>\"<\/span>submit<\/span>\"<\/span>,<\/span> e<\/span> =><\/span> {<\/span>\r\n    e<\/span>.<\/span>preventDefault<\/span>();<\/span>\r\n    fetch<\/span>(<\/span>\"<\/span>\/login<\/span>\"<\/span>,<\/span> {<\/span>\r\n        method<\/span>:<\/span> \"<\/span>POST<\/span>\"<\/span>,<\/span>\r\n        body<\/span>:<\/span> new<\/span> URLSearchParams<\/span>(<\/span>new<\/span> FormData<\/span>(<\/span>e<\/span>.<\/span>target<\/span>))<\/span>\r\n    })<\/span>\r\n    .<\/span>then<\/span>(<\/span>resp<\/span> =><\/span> resp<\/span>.<\/span>json<\/span>())<\/span>\r\n    .<\/span>then<\/span>(<\/span>data<\/span> =><\/span> {<\/span>\r\n        if<\/span>(<\/span>data<\/span>.<\/span>logged<\/span>)<\/span> {<\/span>\r\n            login<\/span>.<\/span>remove<\/span>();<\/span>\r\n            response<\/span>.<\/span>innerHTML<\/span> =<\/span> data<\/span>.<\/span>message<\/span>;<\/span>\r\n        }<\/span> else<\/span> {<\/span>\r\n            response<\/span>.<\/span>innerHTML<\/span> =<\/span> data<\/span>.<\/span>message<\/span>;<\/span>\r\n        }<\/span>\r\n    });<\/span>\r\n});<\/span>\r\n<\/code><\/pre>\n
\u6784\u5efa
\n\u6682\u65f6\u5148\u521b\u5efa\u4e0b\u9762\u7684setup.sh\u3002<\/p>\n
# usage: .\/setup.sh <containerID><\/span>\r\n\r\n# sudo rm -rf data\/db\/* && sudo rm -rf src\/*<\/span>\r\n# dc build<\/span>\r\n# docker network create mizore-network<\/span>\r\n# dc run app \/bin\/bash<\/span>\r\n\r\ndocker restart $1<\/span> &&<\/span> \\<\/span>\r\ndocker exec<\/span> $1<\/span> npx express-generator -f<\/span> --view<\/span>=<\/span>ejs &&<\/span> \\<\/span>\r\ndocker cp<\/span> .\/challenge\/index.js $1<\/span>:\/app\/ &&<\/span> echo<\/span> \"[OK] index.js\"<\/span> &&<\/span> \\<\/span>\r\ndocker cp<\/span> .\/challenge\/package.json $1<\/span>:\/app\/ &&<\/span> echo<\/span> \"[OK] package.json\"<\/span> &&<\/span> \\<\/span>\r\ndocker exec<\/span> $1<\/span> mkdir<\/span> \/app\/models &&<\/span> \\<\/span>\r\ndocker cp<\/span> .\/challenge\/models\/User.js $1<\/span>:\/app\/models\/ &&<\/span> echo<\/span> \"[OK] models\/User.js\"<\/span> &&<\/span> \\<\/span>\r\ndocker cp<\/span> .\/challenge\/routes\/index.js $1<\/span>:\/app\/routes\/ &&<\/span> echo<\/span> \"[OK] routes\/index.js\"<\/span> &&<\/span> \\<\/span>\r\ndocker cp<\/span> .\/challenge\/views\/index.ejs $1<\/span>:\/app\/views\/ &&<\/span> echo<\/span> \"[OK] views\/index.ejs\"<\/span> &&<\/span> \\<\/span>\r\ndocker exec<\/span> $1<\/span> mkdir<\/span> \/app\/views\/js &&<\/span> \\<\/span>\r\ndocker cp<\/span> .\/challenge\/views\/js\/main.js $1<\/span>:\/app\/views\/js\/ &&<\/span> echo<\/span> \"[OK] views\/js\/main.js\"<\/span> &&<\/span> \\<\/span>\r\ndocker exec<\/span> $1<\/span> mkdir<\/span> \/app\/controller &&<\/span> \\<\/span>\r\ndocker cp<\/span> .\/challenge\/controller\/initUserController.js $1<\/span>:\/app\/controller\/ &&<\/span> echo<\/span> \"[OK] controller\/initUserController.js\"<\/span> &&<\/span> \\<\/span>\r\ndocker exec<\/span> $1<\/span> npm install<\/span> &&<\/span> \\<\/span>\r\ndocker-compose up -d<\/span> &&<\/span> \\<\/span>\r\ndocker stop $1<\/span> &&<\/span> docker rm<\/span> $1<\/span> &&<\/span> \\<\/span>\r\ndocker-compose exec <\/span>app bash \r\n# docker-compose exec app node \/app\/index.js<\/span>\r\n<\/code><\/pre>\n
\u90a3\u4e9b\u6ce8\u91ca\u6389\u7684\u90e8\u5206\u53ef\u4ee5\u4fdd\u6301\u6ce8\u91ca\u6389\u7684\u72b6\u6001\u3002<\/p>\n
\u5728\u8fd0\u884c chmod +x setup.sh \u540e\uff0c\u9996\u5148\u4f7f\u7528\u4ee5\u4e0b\u547d\u4ee4\u521b\u5efadocker\u7f51\u7edc\u3002<\/p>\n
docker network create mizore-network\r\n# \u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u540d\u306fdocker-compose.yml\u3067\u5b9a\u7fa9\u3057\u305f\u3084\u3064<\/span>\r\n<\/code><\/pre>\n
\u63a5\u4e0b\u6765\uff0c\u6267\u884c\u4ee5\u4e0b\u6307\u4ee4\u3002<\/p>\n
docker-compose build\r\n<\/code><\/pre>\n
\u4e0d\u8981\u5728\u610f\u7684\u662f\uff0c\u5728\u6700\u540e\u51e0\u884c\u4f1a\u51fa\u73b0\u4e00\u4e9b\u7ea2\u8272\u9519\u8bef\u3002\u8bf7\u76f4\u63a5\u6267\u884c\u4ee5\u4e0b\u547d\u4ee4\u3002<\/p>\n
docker-compose run app \/bin\/bash\r\n<\/code><\/pre>\n
\u6267\u884c\u8fd9\u4e2a\u547d\u4ee4\u4f1a\u521b\u5efa\u4e00\u4e2a\u5bb9\u5668\uff0c\u7136\u540e\u901a\u8fc7bash\u8fdb\u5165\u8be5\u5bb9\u5668\u3002\u5728\u5bb9\u5668\u5185\u4f7f\u7528exit\u547d\u4ee4\u9000\u51fa\uff0c\u7136\u540e\u6267\u884c\u4ee5\u4e0b\u547d\u4ee4\u6765\u590d\u5236\u8be5\u5bb9\u5668\u7684ID\u3002<\/p>\n
docker ps -a<\/span>\r\n<\/code><\/pre>\n
\u5982\u679c\u53ef\u4ee5\u590d\u5236\u5bb9\u5668ID\uff0c\u8bf7\u6309\u4ee5\u4e0b\u65b9\u5f0f\u6267\u884c\u524d\u9762\u7684 setup.sh\u3002<\/p>\n
.\/setup.sh <\u30b3\u30d4\u30fc\u3057\u305f\u30b3\u30f3\u30c6\u30caID>\r\n<\/code><\/pre>\n
\u5982\u679c\u4e00\u5207\u987a\u5229\uff0c\u6700\u540e\u53ef\u4ee5\u901a\u8fc7 docker-compose exec app bash \u547d\u4ee4\u8fdb\u5165bash\u3002<\/p>\n
\u5c06\u6570\u636e\u5b58\u5165MongoDB + \u542f\u52a8Web\u670d\u52a1\u5668
\n\u60f3\u5fc5\u4f60\u5df2\u7ecf\u8fdb\u5165\u4e86bash\uff0c\u5e76\u4e14\u5728\/app\u76ee\u5f55\u4e0b\uff0c\u90a3\u4e48\u53ef\u4ee5\u76f4\u63a5\u6267\u884c\u4ee5\u4e0b\u64cd\u4f5c\u3002<\/p>\n
node index.js\r\n<\/code><\/pre>\n
\u5982\u679c\u6ca1\u6709\u9519\u8bef\u7684\u8bdd\uff0c\u5e94\u8be5\u4f1a\u663e\u793a\u50cf console.log \u4e00\u6837\u7684 “Listening on 3004″\uff0c\u7136\u540e\u8bbf\u95ee http:\/\/localhost:3004 \u6765\u786e\u8ba4\u7f51\u7ad9\u662f\u5426\u6b63\u5e38\u663e\u793a\u3002<\/p>\n
\u5728\u6b64\u9636\u6bb5\uff0c\u7531\u4e8eMongoDB\u4e2d\u8fd8\u6ca1\u6709\u4efb\u4f55\u6570\u636e\uff0c\u6240\u4ee5\u65e0\u8bba\u8f93\u5165\u4ec0\u4e48\u6837\u7684\u7528\u6237\u540d\/\u5bc6\u7801\uff0c\u90fd\u5e94\u8be5\u4f1a\u663e\u793a”\u767b\u5f55\u5931\u8d25”\u3002\u5f53\u7f51\u7ad9\u6b63\u786e\u663e\u793a\u540e\uff0c\u63a5\u4e0b\u6765\u8bbf\u95ee http:\/\/localhost:3004\/initUser \uff0c\u5c06\u5728MongoDB\u4e2d\u63d2\u5165\u4e00\u4e2a\u7c7b\u4f3c\u4e8e\u7ba1\u7406\u5458\u5bc6\u7801\u4e3aadmin\u7684\u7528\u6237\u6570\u636e\uff08\u5982\u679c\u5728\u6267\u884cnode index.js\u547d\u4ee4\u65f6\u63a7\u5236\u53f0\u663e\u793a\u4e86\u7528\u6237\u6570\u636e\uff0c\u5219\u8868\u660e\u6570\u636e\u5df2\u7ecf\u6210\u529f\u63d2\u5165\uff09\u3002<\/p>\n
\u5728\u786e\u8ba4\u6570\u636e\u5df2\u7ecf\u88ab\u5f55\u5165\u540e\uff0c\u5982\u679c\u518d\u6b21\u8bbf\u95ee\/initUser\uff0c\u4f1a\u5bfc\u81f4\u91cd\u590d\u6dfb\u52a0\u6570\u636e\uff0c\u56e0\u6b64\u8bf7\u5c06challenge\/index.js\u4e2d\u7684app.get(“\/initUser”)\u90e8\u5206\u6ce8\u91ca\u6389\u3002<\/p>\n
\u5982\u679c\u4e00\u5207\u90fd\u6b63\u5e38\u5de5\u4f5c\uff0c\u5e0c\u671b\u5728\u6267\u884cdocker-compose up\u65f6\u81ea\u52a8\u542f\u52a8Web\u670d\u52a1\u5668\uff0c\u6267\u884c\u547d\u4ee4\u4e3anode index.js\uff0c\u8bf7\u5c06docker-compose.yml\u4e2d\u7684command:\u4fee\u6539\u5982\u4e0b\u3002<\/p>\n
app<\/span>:<\/span>\r\n  # ... <\u7565> ...<\/span>\r\n  command<\/span>:<\/span> bash<\/span>\r\n\r\n# \u4e0a\u8a18\u3092\u4e0b\u8a18\u306b\u5909\u66f4\uff01\uff01<\/span>\r\n\r\napp<\/span>:<\/span>\r\n  # ... <\u7565> ...<\/span>\r\n  command<\/span>:<\/span> node \/app\/index.js<\/span>\r\n<\/code><\/pre>\n
\u5728MongoDB\u4e2d\u7684\u67e5\u770b\u65b9\u5f0f\u7531\u4e8e\u65e0\u6cd5\u6210\u529f\u5730\u4e0eMongoDB\u8fde\u63a5\u800c\u9677\u5165\u56f0\u5883\uff0c\u4e3a\u4e86\u786e\u8ba4\u6570\u636e\u662f\u5426\u6b63\u786e\u8f93\u5165\uff0c\u4ee5\u4e0b\u662f\u786e\u8ba4MongoDB\u4e2d\u6570\u636e\u7684\u65b9\u6cd5\u3002
\n\u9996\u5148\uff0c\u6309\u7167\u4ee5\u4e0b\u65b9\u5f0f\u8fdb\u5165mongo\u5bb9\u5668\u3002<\/p>\n
docker-compose exec <\/span>mongo bash\r\n<\/code><\/pre>\n
\u73b0\u5728\u53ef\u4ee5\u8fdb\u5165Mongo\u5bb9\u5668\u7684Bash\uff0c\u7136\u540e\u6267\u884c\u4ee5\u4e0b\u64cd\u4f5c\u3002<\/p>\n
mongo <.env\u306b\u66f8\u3044\u305f\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u540d> -u<\/span> <.env\u306b\u66f8\u3044\u305f\u30e6\u30fc\u30b6\u30fc\u540d> -p<\/span>\r\n<\/code><\/pre>\n
\u5f53\u6267\u884c\u6b64\u64cd\u4f5c\u65f6\uff0c\u4f1a\u63d0\u793a\u8f93\u5165\u5bc6\u7801\uff0c\u8bf7\u5c06\u5728.env\u6587\u4ef6\u4e2d\u7f16\u5199\u7684\u5bc6\u7801\u8f93\u5165\u3002
\n\u5982\u679c\u6210\u529f\u8f93\u5165\u540e\uff0c\u53ea\u9700\u6267\u884c\u4ee5\u4e0b\u547d\u4ee4\uff0c\u5373\u53ef\u786e\u8ba4\u662f\u5426\u6210\u529f\u8fde\u63a5\u3002<\/p>\n
><\/span> show collections # users\u3068\u304b\u8868\u793a\u3055\u308c\u308b<\/span>\r\n><\/span> db.users.find()<\/span> # \u3053\u308c\u3067\u30d5\u30e9\u30b0\u304c\u30d1\u30b9\u30ef\u30fc\u30c9\u306eadmin\u3068\u304b\u51fa\u3066\u304d\u305f\u3089\u3061\u3083\u3093\u3068\u9023\u643a\u3055\u308c\u3066\u308b<\/span>\r\n<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
\u8fd9\u662f\u4ec0\u4e48\uff1fMongoDB\u306b\u5bfe\u3059\u308bNoSQL Injection\u3092\u984c\u6750\u3068\u3057\u305fCTF\u306e\u554f\u984c\u30b5\u30fc\u30d0\u30fc\u3092\u7528\u610f\u3057\u305f\u304f\u4f5c\u6210 […]<\/p>\n","protected":false},"author":12,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[227],"class_list":["post-29944","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-227"],"yoast_head":"\n\u3010\u4f7f\u7528Docker\u642d\u5efaNode.js+Express+MongoDB\u73af\u5883\u30112021\u5e74\uff08\u7528\u4e8eCTF\u7684NoSQLi\u7ec3\u4e60\u670d\u52a1\u5668\uff09 - Blog - Silicon Cloud<\/title>\n<meta name=\"description\" content=\"\u5173\u4e8e\u3010\u4f7f\u7528Docker\u642d\u5efaNode.js+Express+MongoDB\u73af\u5883\u30112021\u5e74\uff08\u7528\u4e8eCTF\u7684N\u7684\u6280\u672f\u6587\u7ae0\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.silicloud.com\/zh\/blog\/\u3010\u4f7f\u7528docker\u642d\u5efanode-jsexpressmongodb\u73af\u5883\u30112021\u5e74\uff08\u7528\u4e8ectf\u7684nosqli\u7ec3\u4e60\u670d\u52a1\/\" \/>\n<meta property=\"og:locale\" content=\"zh_CN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u3010\u4f7f\u7528Docker\u642d\u5efaNode.js+Express+MongoDB\u73af\u5883\u30112021\u5e74\uff08\u7528\u4e8eCTF\u7684NoSQLi\u7ec3\u4e60\u670d\u52a1\u5668\uff09\" \/>\n<meta property=\"og:description\" content=\"\u5173\u4e8e\u3010\u4f7f\u7528Docker\u642d\u5efaNode.js+Express+MongoDB\u73af\u5883\u30112021\u5e74\uff08\u7528\u4e8eCTF\u7684N\u7684\u6280\u672f\u6587\u7ae0\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.silicloud.com\/zh\/blog\/\u3010\u4f7f\u7528docker\u642d\u5efanode-jsexpressmongodb\u73af\u5883\u30112021\u5e74\uff08\u7528\u4e8ectf\u7684nosqli\u7ec3\u4e60\u670d\u52a1\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog - Silicon Cloud\" \/>\n<meta property=\"article:published_time\" content=\"2023-10-17T08:12:59+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-08-12T08:43:01+00:00\" \/>\n<meta name=\"author\" content=\"\u9038, \u79d1\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"\u9038, \u79d1\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 \u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90%e4%bd%bf%e7%94%a8docker%e6%90%ad%e5%bb%banode-jsexpressmongodb%e7%8e%af%e5%a2%83%e3%80%912021%e5%b9%b4%ef%bc%88%e7%94%a8%e4%ba%8ectf%e7%9a%84nosqli%e7%bb%83%e4%b9%a0%e6%9c%8d%e5%8a%a1\/\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90%e4%bd%bf%e7%94%a8docker%e6%90%ad%e5%bb%banode-jsexpressmongodb%e7%8e%af%e5%a2%83%e3%80%912021%e5%b9%b4%ef%bc%88%e7%94%a8%e4%ba%8ectf%e7%9a%84nosqli%e7%bb%83%e4%b9%a0%e6%9c%8d%e5%8a%a1\/\",\"name\":\"\u3010\u4f7f\u7528Docker\u642d\u5efaNode.js+Express+MongoDB\u73af\u5883\u30112021\u5e74\uff08\u7528\u4e8eCTF\u7684NoSQLi\u7ec3\u4e60\u670d\u52a1\u5668\uff09 - Blog - Silicon Cloud\",\"isPartOf\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\"},\"datePublished\":\"2023-10-17T08:12:59+00:00\",\"dateModified\":\"2025-08-12T08:43:01+00:00\",\"author\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/85c1dae56e6ea1e695c73d33c684d487\"},\"description\":\"\u5173\u4e8e\u3010\u4f7f\u7528Docker\u642d\u5efaNode.js+Express+MongoDB\u73af\u5883\u30112021\u5e74\uff08\u7528\u4e8eCTF\u7684N\u7684\u6280\u672f\u6587\u7ae0\",\"breadcrumb\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90%e4%bd%bf%e7%94%a8docker%e6%90%ad%e5%bb%banode-jsexpressmongodb%e7%8e%af%e5%a2%83%e3%80%912021%e5%b9%b4%ef%bc%88%e7%94%a8%e4%ba%8ectf%e7%9a%84nosqli%e7%bb%83%e4%b9%a0%e6%9c%8d%e5%8a%a1\/#breadcrumb\"},\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90%e4%bd%bf%e7%94%a8docker%e6%90%ad%e5%bb%banode-jsexpressmongodb%e7%8e%af%e5%a2%83%e3%80%912021%e5%b9%b4%ef%bc%88%e7%94%a8%e4%ba%8ectf%e7%9a%84nosqli%e7%bb%83%e4%b9%a0%e6%9c%8d%e5%8a%a1\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90%e4%bd%bf%e7%94%a8docker%e6%90%ad%e5%bb%banode-jsexpressmongodb%e7%8e%af%e5%a2%83%e3%80%912021%e5%b9%b4%ef%bc%88%e7%94%a8%e4%ba%8ectf%e7%9a%84nosqli%e7%bb%83%e4%b9%a0%e6%9c%8d%e5%8a%a1\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9875\",\"item\":\"https:\/\/www.silicloud.com\/zh\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u3010\u4f7f\u7528Docker\u642d\u5efaNode.js+Express+MongoDB\u73af\u5883\u30112021\u5e74\uff08\u7528\u4e8eCTF\u7684NoSQLi\u7ec3\u4e60\u670d\u52a1\u5668\uff09\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/\",\"name\":\"Blog - Silicon Cloud\",\"description\":\"\",\"inLanguage\":\"zh-Hans\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/85c1dae56e6ea1e695c73d33c684d487\",\"name\":\"\u9038, \u79d1\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/c94f6d9cbbfbca863fab309840bd690c153c95f8490c290ad2ed54dd693dad16?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/c94f6d9cbbfbca863fab309840bd690c153c95f8490c290ad2ed54dd693dad16?s=96&d=mm&r=g\",\"caption\":\"\u9038, \u79d1\"},\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/author\/keyi\/\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90%e4%bd%bf%e7%94%a8docker%e6%90%ad%e5%bb%banode-jsexpressmongodb%e7%8e%af%e5%a2%83%e3%80%912021%e5%b9%b4%ef%bc%88%e7%94%a8%e4%ba%8ectf%e7%9a%84nosqli%e7%bb%83%e4%b9%a0%e6%9c%8d%e5%8a%a1\/#local-main-organization-logo\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"Blog - Silicon Cloud\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"\u3010\u4f7f\u7528Docker\u642d\u5efaNode.js+Express+MongoDB\u73af\u5883\u30112021\u5e74\uff08\u7528\u4e8eCTF\u7684NoSQLi\u7ec3\u4e60\u670d\u52a1\u5668\uff09 - Blog - Silicon Cloud","description":"\u5173\u4e8e\u3010\u4f7f\u7528Docker\u642d\u5efaNode.js+Express+MongoDB\u73af\u5883\u30112021\u5e74\uff08\u7528\u4e8eCTF\u7684N\u7684\u6280\u672f\u6587\u7ae0","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.silicloud.com\/zh\/blog\/\u3010\u4f7f\u7528docker\u642d\u5efanode-jsexpressmongodb\u73af\u5883\u30112021\u5e74\uff08\u7528\u4e8ectf\u7684nosqli\u7ec3\u4e60\u670d\u52a1\/","og_locale":"zh_CN","og_type":"article","og_title":"\u3010\u4f7f\u7528Docker\u642d\u5efaNode.js+Express+MongoDB\u73af\u5883\u30112021\u5e74\uff08\u7528\u4e8eCTF\u7684NoSQLi\u7ec3\u4e60\u670d\u52a1\u5668\uff09","og_description":"\u5173\u4e8e\u3010\u4f7f\u7528Docker\u642d\u5efaNode.js+Express+MongoDB\u73af\u5883\u30112021\u5e74\uff08\u7528\u4e8eCTF\u7684N\u7684\u6280\u672f\u6587\u7ae0","og_url":"https:\/\/www.silicloud.com\/zh\/blog\/\u3010\u4f7f\u7528docker\u642d\u5efanode-jsexpressmongodb\u73af\u5883\u30112021\u5e74\uff08\u7528\u4e8ectf\u7684nosqli\u7ec3\u4e60\u670d\u52a1\/","og_site_name":"Blog - Silicon Cloud","article_published_time":"2023-10-17T08:12:59+00:00","article_modified_time":"2025-08-12T08:43:01+00:00","author":"\u9038, \u79d1","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"\u9038, \u79d1","\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4":"1 \u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90%e4%bd%bf%e7%94%a8docker%e6%90%ad%e5%bb%banode-jsexpressmongodb%e7%8e%af%e5%a2%83%e3%80%912021%e5%b9%b4%ef%bc%88%e7%94%a8%e4%ba%8ectf%e7%9a%84nosqli%e7%bb%83%e4%b9%a0%e6%9c%8d%e5%8a%a1\/","url":"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90%e4%bd%bf%e7%94%a8docker%e6%90%ad%e5%bb%banode-jsexpressmongodb%e7%8e%af%e5%a2%83%e3%80%912021%e5%b9%b4%ef%bc%88%e7%94%a8%e4%ba%8ectf%e7%9a%84nosqli%e7%bb%83%e4%b9%a0%e6%9c%8d%e5%8a%a1\/","name":"\u3010\u4f7f\u7528Docker\u642d\u5efaNode.js+Express+MongoDB\u73af\u5883\u30112021\u5e74\uff08\u7528\u4e8eCTF\u7684NoSQLi\u7ec3\u4e60\u670d\u52a1\u5668\uff09 - Blog - Silicon Cloud","isPartOf":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website"},"datePublished":"2023-10-17T08:12:59+00:00","dateModified":"2025-08-12T08:43:01+00:00","author":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/85c1dae56e6ea1e695c73d33c684d487"},"description":"\u5173\u4e8e\u3010\u4f7f\u7528Docker\u642d\u5efaNode.js+Express+MongoDB\u73af\u5883\u30112021\u5e74\uff08\u7528\u4e8eCTF\u7684N\u7684\u6280\u672f\u6587\u7ae0","breadcrumb":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90%e4%bd%bf%e7%94%a8docker%e6%90%ad%e5%bb%banode-jsexpressmongodb%e7%8e%af%e5%a2%83%e3%80%912021%e5%b9%b4%ef%bc%88%e7%94%a8%e4%ba%8ectf%e7%9a%84nosqli%e7%bb%83%e4%b9%a0%e6%9c%8d%e5%8a%a1\/#breadcrumb"},"inLanguage":"zh-Hans","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90%e4%bd%bf%e7%94%a8docker%e6%90%ad%e5%bb%banode-jsexpressmongodb%e7%8e%af%e5%a2%83%e3%80%912021%e5%b9%b4%ef%bc%88%e7%94%a8%e4%ba%8ectf%e7%9a%84nosqli%e7%bb%83%e4%b9%a0%e6%9c%8d%e5%8a%a1\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90%e4%bd%bf%e7%94%a8docker%e6%90%ad%e5%bb%banode-jsexpressmongodb%e7%8e%af%e5%a2%83%e3%80%912021%e5%b9%b4%ef%bc%88%e7%94%a8%e4%ba%8ectf%e7%9a%84nosqli%e7%bb%83%e4%b9%a0%e6%9c%8d%e5%8a%a1\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9875","item":"https:\/\/www.silicloud.com\/zh\/blog\/"},{"@type":"ListItem","position":2,"name":"\u3010\u4f7f\u7528Docker\u642d\u5efaNode.js+Express+MongoDB\u73af\u5883\u30112021\u5e74\uff08\u7528\u4e8eCTF\u7684NoSQLi\u7ec3\u4e60\u670d\u52a1\u5668\uff09"}]},{"@type":"WebSite","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website","url":"https:\/\/www.silicloud.com\/zh\/blog\/","name":"Blog - Silicon Cloud","description":"","inLanguage":"zh-Hans"},{"@type":"Person","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/85c1dae56e6ea1e695c73d33c684d487","name":"\u9038, \u79d1","image":{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/c94f6d9cbbfbca863fab309840bd690c153c95f8490c290ad2ed54dd693dad16?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/c94f6d9cbbfbca863fab309840bd690c153c95f8490c290ad2ed54dd693dad16?s=96&d=mm&r=g","caption":"\u9038, \u79d1"},"url":"https:\/\/www.silicloud.com\/zh\/blog\/author\/keyi\/"},{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90%e4%bd%bf%e7%94%a8docker%e6%90%ad%e5%bb%banode-jsexpressmongodb%e7%8e%af%e5%a2%83%e3%80%912021%e5%b9%b4%ef%bc%88%e7%94%a8%e4%ba%8ectf%e7%9a%84nosqli%e7%bb%83%e4%b9%a0%e6%9c%8d%e5%8a%a1\/#local-main-organization-logo","url":"","contentUrl":"","caption":"Blog - Silicon Cloud"}]}},"_links":{"self":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/29944","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/comments?post=29944"}],"version-history":[{"count":3,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/29944\/revisions"}],"predecessor-version":[{"id":111618,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/29944\/revisions\/111618"}],"wp:attachment":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/media?parent=29944"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/categories?post=29944"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/tags?post=29944"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}