Challenge:
Name: Email Leak
Description: Perform an unwanted information disclosure by accessing data cross-domain.
Difficulty: 5 star
Category: Sensitive Data Exposure
Expanded Description: https://pwning.owasp-juice.shop/part2/sensitive-data-exposure.html
Tools used:
Burp Suite, FoxyProxy
Resources used:
Solution Guide: https://pwning.owasp-juice.shop/appendix/solutions.html
Methodology:
The expanded description for this challenge did nothing but highlight my inexperience with web development, so I jumped straight to the solution and then spent a day learning more about APIs. After all, what’s the point of copy/pasting the solution without learning why it solved the challenge?

The asynchronous API callback returns the user information of users who are logged into the system at that time.

Lessons Learned and Things Worth Mentioning:
- If admin and Jim are both logged in, and the admin Authorization and Token JWT fields are swapped out for Jim’s JWT, you can capture all of the user data from the rest/user/authentication-details endpoint in JSON format.
- I’d never seen “callback” before, so this challenge led to quite a bit of reading so that I could understand its purpose.
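
The `callback` parameter mentioned above is the JSONP pattern, and this added example (not code from Juice Shop or the solution guide) shows why it turns an authenticated API response into a cross-domain disclosure, next to a corrected form. The handler names, the response shape, and the sample user are assumptions made for illustration.

```javascript
// Added illustration: hypothetical handlers, not OWASP Juice Shop source code.
// Each takes the parsed query string and the session's user record and returns
// the response that would be sent: { status, headers, body }.
const CONSTRUCTED_USER = { id: 2, email: 'user@example.test' }; // constructed sample

// Weak form: when ?callback=name is present, the JSON is wrapped in a function
// call and served as JavaScript. Browsers allow cross-origin script inclusion,
// so a page on another origin can put this URL in a <script> tag and receive
// the data in its own callback. The request carries whatever cookies the
// browser's SameSite policy allows.
function jsonpHandler(query, sessionUser) {
  const json = JSON.stringify({ user: sessionUser });
  // Validating the name stops script injection but not the disclosure itself.
  if (typeof query.callback === 'string' && /^[\w$.]+$/.test(query.callback)) {
    return {
      status: 200,
      headers: { 'Content-Type': 'text/javascript; charset=utf-8' },
      body: `${query.callback}(${json});`,
    };
  }
  return { status: 200, headers: { 'Content-Type': 'application/json; charset=utf-8' }, body: json };
}

// Corrected form: user data is only ever served as JSON. Any callback
// parameter is rejected, and nosniff makes browsers refuse to run the JSON
// body as a script.
function jsonOnlyHandler(query, sessionUser) {
  const headers = {
    'Content-Type': 'application/json; charset=utf-8',
    'X-Content-Type-Options': 'nosniff',
  };
  if (Object.prototype.hasOwnProperty.call(query, 'callback')) {
    return { status: 400, headers, body: JSON.stringify({ error: 'JSONP not supported' }) };
  }
  return { status: 200, headers, body: JSON.stringify({ user: sessionUser }) };
}

// Review check: would a cross-origin <script> tag execute this response?
function isScriptLoadable(response) {
  return /^(text|application)\/(x-)?javascript\b/i.test(response.headers['Content-Type'] || '');
}

console.log(jsonpHandler({ callback: 'handleUser' }, CONSTRUCTED_USER).body);
console.log(isScriptLoadable(jsonOnlyHandler({ callback: 'handleUser' }, CONSTRUCTED_USER)));
```

If another site genuinely needs this data, an explicit CORS allowlist on the JSON response is the replacement for JSONP, since it lets the server name which origins may read it.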