Hacking OWASP’s Juice Shop Pt. 44: Reset Bender’s Password

Challenge: 

Name: Reset Bender’s Password

Description: Reset Bender’s password via the Forgot Password mechanism with the original answer to his security question.

Difficulty: 4 star

Category: Broken Authentication

Expanded Description: https://pwning.owasp-juice.shop/part2/broken-authentication.html

Tools used:

Burp Suite, FoxyProxy

Resources used:

Hundreds of hours of watching Futurama.

Methodology: 

The first step here is clearly to figure out what the security question is.

In Season One Episode One of Futurama, Bender attempts to kill himself in a Stop ‘n’ Drop Suicide Booth because he found out that the girders he had been bending at work were used to build suicide booths. From there, it was just a matter of finding out the exact string construction of his security answer. To Burp Suite!

[Screenshot: Burp Suite Intruder, Positions tab, attack type Sniper. The base request is a POST to /rest/user/reset-password on localhost:3000 with a JSON body containing bender@juice-sh.op, the answer field marked as the payload position, and the new and repeat password fields.]
[Screenshot: Burp Suite Intruder results for the candidate answer strings.]
Status 200 on request number 7!

Now just submit that string in the Forgot Password form and reset Bender’s password!

You successfully solved a challenge: Reset Bender's Password (Reset Bender's password via the Forgot Password mechanism with the original answer to his security question.)

Prevention and Mitigation Strategies:

 OWASP Security Question Cheat Sheet
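
One way to blunt the guessing run shown above, as an added example (not code from Juice Shop or from the original post): a per-account failure counter that is checked before the answer comparison, with the answer stored as a salted scrypt hash. The function names, the limit of 5 failures, the 15-minute window and the sample account and answer strings are assumptions made for illustration.

```javascript
// Added example, not Juice Shop code: throttle security-answer guesses per account.
const crypto = require('crypto');

const MAX_FAILURES = 5;            // assumed policy value
const WINDOW_MS = 15 * 60 * 1000;  // assumed lockout window

function createResetGuard(now = () => Date.now()) {
  const failures = new Map(); // email -> { count, first }

  // Store only a salted, slow hash of the answer, never the plaintext.
  function hashAnswer(answer, salt) {
    return crypto.scryptSync(answer, salt, 32);
  }

  function verify(email, answer, record) {
    const seen = failures.get(email);
    if (seen && now() - seen.first >= WINDOW_MS) failures.delete(email);
    const current = failures.get(email);
    // Check the lock before comparing, so a correct guess made while locked still fails.
    if (current && current.count >= MAX_FAILURES) return 'locked';

    const ok = crypto.timingSafeEqual(hashAnswer(answer, record.salt), record.hash);
    if (ok) {
      failures.delete(email);
      return 'ok';
    }
    failures.set(email, {
      count: (current ? current.count : 0) + 1,
      first: current ? current.first : now(),
    });
    return 'denied';
  }

  return { hashAnswer, verify };
}

// Constructed scenario mirroring the Intruder run: six wrong variants, then the right one.
function replayGuesses() {
  const guard = createResetGuard();
  const salt = crypto.randomBytes(16);
  const record = { salt, hash: guard.hashAnswer('constructed-answer', salt) };
  const guesses = ['v1', 'v2', 'v3', 'v4', 'v5', 'v6', 'constructed-answer'];
  return guesses.map((g) => guard.verify('user@example.test', g, record));
}
```

With this policy the replay returns five `denied` results followed by `locked` for the sixth and seventh attempts, so a correct guess arriving on request 7 no longer resets the password.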
