OWASP Juicy Shop – Score Board Challenge

Some time ago we explained how to install the OWASP Juicy Shop.

This first post of 2024 will explain how to start with this nice vulnerable application.

The first step is finding the scoreboard.

To find it, we observe several matches in the Javascript files using the browser inspector just searching for «score».
Checking some of those matches we can find a promising option: /score-board

La imagen tiene un atributo ALT vacío; su nombre de archivo es image-1024x405.png

If we test it: http://localhost:3000/#/score-board we unlock the Score Board challenge.

And then our journey with the OWASP Juicy Shop has officially begun 🙂