Here we will go through Juice Shop Level 1.
Level 1
| Challenge | Description |
|---|---|
| Bonus Payload | Use the bonus payload `<iframe width="100%" height="166" scrolling="no" frameborder="no" allow="autoplay" src="https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/771984076&color=%23ff5500&auto_play=true&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true"></iframe>` in the DOM XSS challenge. |
| Confidential Document | Access a confidential document. |
| DOM XSS | Perform a DOM XSS attack with `` <iframe src="javascript:alert(`xss`)"> ``. |
| Error Handling | Provoke an error that is neither very gracefully nor consistently handled. |
| Exposed Metrics | Find the endpoint that serves usage data to be scraped by a popular monitoring system. |
| Missing Encoding | Retrieve the photo of Bjoern’s cat in “melee combat-mode”. |
| Outdated Whitelist | Let us redirect you to one of our crypto currency addresses which are not promoted any longer. |
| Privacy Policy | Read our privacy policy. |
| Repetitive Registration | Follow the DRY principle while registering a user. |
| Zero Stars | Give a devastating zero-star feedback to the store. |