OWASP Juice Shop | Broken Authentication
In this blog we are going to learn about the broken authentication vulnerability.
OWASP Juice Shop:
OWASP Juice Shop is probably the most modern and sophisticated insecure web application! It can be used in security trainings, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop encompasses vulnerabilities from the entire OWASP Top Ten along with many other security flaws found in real-world applications!
Juice Shop is written in Node.js, Express and Angular. It was the first application written entirely in JavaScript listed in the OWASP VWA Directory. The application contains a vast number of hacking challenges of varying difficulty where the user is supposed to exploit the underlying vulnerabilities. The hacking progress is tracked on a score board. Finding this score board is actually one of the (easy) challenges! (source)
Broken Authentication:
Broken authentication attacks aim to take over one or more accounts giving the attacker the same privileges as the attacked user. Authentication is “broken” when attackers are able to compromise passwords, keys or session tokens, user account information, and other details to assume user identities.
Broken Authentication by Brute-force Attack
Click on the login option, enter the admin email id and type any random value for the password. Before clicking the submit button, set up the Burp proxy, open Burp Suite and turn Intercept on.
Now go back to the browser, click on the submit button, capture the request in Burp Suite and send the request to Intruder.
Go to Positions and click on the Clear § button. In the password field place two § markers inside the quotes around the value you want to identify. To clarify, § § is not two separate inputs but rather Burp's way of marking the payload position, like a pair of quotation marks e.g. "". The request should look like the image below.
Go to the Payloads tab and select the payload type Simple list. For the payload, we will be using best1050.txt from SecLists. You can either find it on GitHub, copy it and paste it into Burp, or download the file and upload it.
Upload the text file, or copy its contents and click on Paste.
Once the file is loaded into Burp Suite, click on the Start attack button and wait for the right password.
Look carefully for the request that gets status code 200 and whose response length is different from the others (either lower or higher than the other requests). That is the correct password.
Once completed, log into the account with the password. From this, we came to know that the password is admin123, the one request where the status is 200.
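The Intruder run above leaves a very recognisable trace on the server side: a burst of failed POSTs to the login endpoint from one source, all with the same short failure body, followed by a single response of a different status and length. The following example, added here and not part of the original post or of the Juice Shop project, shows both halves of the defender's view: a detector that flags that pattern in access-log lines, and a small failed-attempt counter with temporary lockout that refuses further guesses before the password is even checked. The log format, the /login path, the sample IPs and all thresholds are constructed for illustration.

```javascript
// Added example, not code from the original post or from the Juice Shop project.
// Assumptions: the log line format, the /login path and every threshold below
// are constructed for this illustration.

// Constructed access-log lines: "<ip> <method> <path> <status> <bytes> <epoch-seconds>"
const SAMPLE_LOG = [
  "10.0.0.9 POST /login 200 812 1700000000",   // one legitimate login
  ...Array.from({ length: 12 }, (_, i) =>
    `10.0.0.5 POST /login 401 26 ${1700000001 + i}`), // wordlist run: same short failure body
  "10.0.0.5 POST /login 200 812 1700000013",   // the hit: status flips and length changes
  "10.0.0.7 POST /login 401 26 1700000020",    // a single mistyped password, not a burst
];

function parseLine(line) {
  const [ip, method, path, status, bytes, ts] = line.trim().split(/\s+/);
  if (!ts) return null; // malformed line, skip it
  return { ip, method, path, status: Number(status), bytes: Number(bytes), ts: Number(ts) };
}

// Flag sources whose failed logins inside a sliding window reach maxFailures, and
// note whether a success followed the burst (the signature of a found password).
function detectBruteForce(lines, { path = "/login", windowSec = 60, maxFailures = 10 } = {}) {
  const perSource = new Map();
  for (const line of lines) {
    const e = parseLine(line);
    if (!e || e.method !== "POST" || e.path !== path) continue;
    if (!perSource.has(e.ip)) perSource.set(e.ip, []);
    perSource.get(e.ip).push(e);
  }
  const findings = [];
  for (const [ip, events] of perSource) {
    events.sort((a, b) => a.ts - b.ts);
    const failures = events.filter((e) => e.status === 401);
    let best = 0; // largest number of failures seen inside any windowSec span
    for (let i = 0, j = 0; j < failures.length; j++) {
      while (failures[j].ts - failures[i].ts > windowSec) i++;
      best = Math.max(best, j - i + 1);
    }
    if (best < maxFailures) continue;
    const lastFailure = failures[failures.length - 1].ts;
    const successAfterBurst = events.some((e) => e.status === 200 && e.ts > lastFailure);
    findings.push({ ip, failuresInWindow: best, successAfterBurst });
  }
  return findings;
}

// Server-side failure counter with temporary lockout, keyed by account or source IP.
// Placed in front of the password comparison, it refuses the next guess after
// maxFailures misses instead of evaluating it.
class LoginGuard {
  constructor({ maxFailures = 5, lockoutSec = 900 } = {}) {
    this.maxFailures = maxFailures;
    this.lockoutSec = lockoutSec;
    this.state = new Map(); // key -> { failures, lockedUntil }
  }
  check(key, now) {
    const s = this.state.get(key);
    if (s && s.lockedUntil > now) return { allowed: false, retryAfterSec: s.lockedUntil - now };
    return { allowed: true, retryAfterSec: 0 };
  }
  recordFailure(key, now) {
    const s = this.state.get(key) || { failures: 0, lockedUntil: 0 };
    s.failures += 1;
    if (s.failures >= this.maxFailures) {
      s.lockedUntil = now + this.lockoutSec;
      s.failures = 0;
    }
    this.state.set(key, s);
  }
  recordSuccess(key) { this.state.delete(key); }
}

// Feed a constructed guess sequence through the guard, one guess per second, and
// report how many guesses were actually evaluated and whether the password was reached.
function simulateGuesses(guesses, correct, guardOptions = {}) {
  const guard = new LoginGuard(guardOptions);
  let now = 0, evaluated = 0, found = false;
  for (const g of guesses) {
    if (!guard.check("admin", now).allowed) break; // locked out: guess never evaluated
    evaluated += 1;
    if (g === correct) { guard.recordSuccess("admin"); found = true; break; }
    guard.recordFailure("admin", now);
    now += 1;
  }
  return { evaluated, found };
}

const GUESSES = ["123456", "password", "qwerty", "letmein", "abc123", "admin123"]; // constructed
console.log(detectBruteForce(SAMPLE_LOG));
console.log(simulateGuesses(GUESSES, "admin123"));                      // lockout stops the 6th guess
console.log(simulateGuesses(GUESSES, "admin123", { maxFailures: 10 })); // looser limit lets it through
```

The detector keys on a burst of identical failures rather than on the response length alone, because length differences are what the attacker looks for; on the defender's side the count of failures per source within a window is the more robust signal. The guard shows why the step "wait for the right password" only works against an unprotected login: with a lockout after five misses, the sixth guess (admin123 in the constructed list) is never evaluated.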
Author: Dhakshana E is a passionate Cybersecurity Intern. Contact: LinkedIn