C1 | Beginner

OWASP Juice Shop Challenge

Time: 60 min | Difficulty: Beginner | Repeatable: Ongoing challenges

Setup:

docker run -d -p 3000:3000 bkimminich/juice-shop
# Open http://localhost:3000

Beginner Challenges (no technical knowledge required):

  1. Find the admin page: It's not in the navigation bar, but you can guess the URL
  2. Find other users' data: Modify the number in the URL
  3. XSS test: Enter <script>alert('hack')</script> in the search box
  4. SQL injection test: Enter ' OR 1=1 -- in the login box

Reflection: How easy were these "attacks"? Does your own project have these issues?
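
For the reflection question, this added example (not Juice Shop's code and not part of the original exercise) shows why the string from challenge 4 gets past a login query built by string concatenation, and why the same input fails against a parameterized query. The table layout, account values and function names are assumptions made up for the illustration.

```python
import sqlite3

PAYLOAD = "' OR 1=1 --"  # the string from challenge 4


def make_db():
    """In-memory users table with constructed sample accounts.
    Passwords are plaintext only to keep the example short."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT, password TEXT)")
    db.executemany(
        "INSERT INTO users (email, password) VALUES (?, ?)",
        [("admin@example.test", "s3cret-admin"), ("alice@example.test", "alice-pw")],
    )
    return db


def login_vulnerable(db, email, password):
    """Concatenates input into the SQL text, so a quote in the input ends the
    string literal and the rest is parsed as SQL. With PAYLOAD the query becomes
    ... WHERE email = '' OR 1=1 --' AND password = '...'
    and the password check sits inside a comment."""
    query = (
        "SELECT email FROM users WHERE email = '" + email
        + "' AND password = '" + password + "'"
    )
    row = db.execute(query).fetchone()
    return row[0] if row else None


def login_parameterized(db, email, password):
    """Sends input as bound parameters: it is compared as data, never parsed."""
    row = db.execute(
        "SELECT email FROM users WHERE email = ? AND password = ?",
        (email, password),
    ).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    db = make_db()
    print("concatenated query :", login_vulnerable(db, PAYLOAD, "anything"))
    print("parameterized query:", login_parameterized(db, PAYLOAD, "anything"))
    print("valid login        :", login_parameterized(db, "alice@example.test", "alice-pw"))
```

To answer the reflection question for your own project, search the code for SQL statements assembled with `+`, f-strings or `format()` from request data; each one is a candidate for the first pattern.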
