Hacking OWASP’s Juice Shop Pt. 48: Access Log

Challenge: 

Name: Access Log

Description: Gain access to any access log file of the server

Difficulty: 4 star

Category: Sensitive Data Exposure

Expanded Description: https://pwning.owasp-juice.shop/part2/sensitive-data-exposure.html

Tools used:

Dirbuster

Resources used:

PREREQUISITE: LOGIN SUPPORT TEAM

Methodology: 

**In order to complete this challenge, you must be logged in as support@juice-sh.op. A link to that challenge walkthrough is located above.**

In the expanded description, it’s heavily suggested that only the support team has access to wherever this file is located. After logging in as support@juice-sh.op, a recursive brute-force directory search using Dirbuster, Gobuster, or any other directory enumerating tool will reveal that there is a directory named “/support/logs”. Simply go to that address and download the access log.

Ing 
Kali Tools 
NetHunter 
localhost:3000/support/logs 
Exploit-DB 
•e GHDB 
— I support I logs 
Name 
access.log.2020-11-17
You successfully solved a challenge: Access Log (Gain access to any access log file of the server.) X

Prevention and Mitigation Strategies:

OWASP Mitigation Cheat Sheet

Lessons Learned and Things Worth Mentioning: 

  1. Making the location accessible only to the support team is smart. I had run Dirbuster and Gobuster on this several times (with varying levels of success and rates of error codes), but without being able to access the support directory I could never have known for sure that the logs were contained within.
  2. User-dependent access is something I’ll need to keep in mind as I move into the more difficult challenges. I can’t imagine that this is the only time this particular trick will be used in this application.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s