Here we will go through Juice Shop Level 1.
Level 1
Challenge | Description |
---|---|
Bonus Payload | Use the bonus payload `<iframe width="100%" height="166" scrolling="no" frameborder="no" allow="autoplay" src="https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/771984076&color=%23ff5500&auto_play=true&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true"></iframe>` in the DOM XSS challenge. |
Confidential Document | Access a confidential document. |
DOM XSS | Perform a DOM XSS attack with `` <iframe src="javascript:alert(`xss`)"> ``. |
Error Handling | Provoke an error that is neither very gracefully nor consistently handled. |
Exposed Metrics | Find the endpoint that serves usage data to be scraped by a popular monitoring system. |
Missing Encoding | Retrieve the photo of Bjoern’s cat in “melee combat-mode”. |
Outdated Whitelist | Let us redirect you to one of our crypto currency addresses which are not promoted any longer. |
Privacy Policy | Read our privacy policy. |
Repetitive Registration | Follow the DRY principle while registering a user. |
Zero Stars | Give a devastating zero-star feedback to the store. |